News

Cybersecurity
Google and FBI Seize NetNut Proxy Network Used by 316 Threat Actors
Google and the FBI dismantled NetNut, a residential proxy network that secretly hijacked 2 million home devices and served 316 distinct cybercrime groups.
Cybersecurity
PamStealer macOS Infostealer Uses PAM API to Verify Stolen Passwords
Jamf Threat Labs disclosed PamStealer, a Rust-based macOS infostealer that uses the PAM API to verify stolen passwords before exfiltrating credentials.
CVE Vulnerability Alerts
CVE-2026-8451 Exploited Within 24 Hours of Citrix NetScaler Patch
A threat actor exploited CVE-2026-8451 in Citrix NetScaler within 24 hours of patch release, targeting Lupovis honeypots with confirmed memory overread payloads.
Cybersecurity
ToddyCat APT’s Umbrij Tool Reads Corporate Gmail via OAuth Silently
Kaspersky attributed Umbrij, a .NET tool that silently reads corporate Gmail via OAuth without triggering login alerts or standard security notifications, to ToddyCat APT.
Application Security
Apple Hide My Email Still Leaks Real Addresses After Claimed Fix
Apple's iCloud+ Hide My Email vulnerability still exposes real addresses with a 100% success rate, with multiple claimed fixes from Apple failing to close the flaw.
Cybersecurity
90-Domain SEO Campaign Abuses ScreenConnect to Deploy AsyncRAT
Kaspersky exposed a 90-domain SEO poisoning campaign that installs AsyncRAT on Windows via a fake ScreenConnect installer, targeting users across 10 languages.
Cybersecurity
VEIL#DROP Campaign Uses Google Blogger to Deliver PureLogs Stealer
Securonix disclosed VEIL#DROP, an active campaign routing PureLogs Stealer through Google Blogger to bypass reputation-based enterprise security controls.
Application Security
Unit 42 Confirms 13,000 Malicious Phantom Squatting Sites
Unit 42 documented phantom squatting, with 13,229 malicious URLs active on AI-hallucinated domains and 250,000 more unregistered sites available to attackers.
Cybersecurity
Trump Administration Lifts Claude Fable 5 Access Restrictions
The Trump administration reversed Commerce Department restrictions on Anthropic's Fable 5, restoring global access while Mythos 5 stays limited to vetted U.S. organizations.