News
Most CNI Firms Face Up to £5m in Downtime from OT Attacks
12+ hour, 39+ min ago (449+ words) The vast majority (80%) of critical national infrastructure (CNI) providers in the UK face downtime costs of between £100,000 ($132,144) and £5m ($6.6m) from cyber-attacks that disrupt their operational technology (OT), according to e2e-assure. The SOC-as-a-service provider polled 250 cybersecurity decision makers in CNI sectors including…...
GitHub Used as Covert Channel in Multi-Stage Malware Campaign
6+ hour, 49+ min ago (448+ words) A series of malicious LNK files targeting users in South Korea has been detected using a multi-stage attack chain that uses GitHub as command and control (C2) infrastructure. The campaign relies on scripting, encoded payloads and legitimate Windows tools to maintain…...
Clawing Back on Security: Challenges with Agentic AI Systems
1+ day, 10+ hour ago (667+ words) Emerging Trends Working Group Member, ISACA Clawdbot's popularity has been meteoric, racking up more than 140,000 stars and 20,000 forks on its GitHub repository. However, its renaming to Moltbot suggested significant security issues, such as the trifecta of access to private data,…...
Hackers Hijack Axios npm Package to Spread RATs
1+ day, 17+ hour ago (453+ words) Threat actors have targeted an open source maintainer to hijack one of the most popular npm packages and spread remote access Trojans (RATs). Axios is a JavaScript library downloaded over 100 million times a week and used as a dependency in countless…...
Cybercriminals Exploit Tax Season With New Phishing Tactics
3+ day, 6+ hour ago (252+ words) A wave of tax-themed cyber campaigns delivering malware, remote access tools, fraud schemes and credential phishing has been detected in early 2026. Proofpoint researchers identified more than a hundred such operations, highlighting how attackers continue to exploit the pressures and expectations tied…...
Why Modern Security Demands a New Data Strategy
2+ day, 17+ hour ago (441+ words) Director of Commercial Cyber Solutions, Booz Allen Nearly 20 years ago, the SIEM (Security Information and Event Management) was named, designed as tools strictly for compliance-focused log storage. But as the threat landscape evolved, these legacy systems have been unable to…...
DeepLoad Malware Combines ClickFix With AI-Code to Avoid Detection
3+ day, 14+ hour ago (457+ words) A newly uncovered malware campaign is combining ClickFix delivery with AI-generated evasion techniques to steal enterprise user accounts and passwords. The attacks are designed to provide intruders with persistent, credential-stealing access to networks, complete with a hidden mechanism which…...
Critical Citrix NetScaler Vulnerability Exploited in the Wild
3+ day, 9+ hour ago (530+ words) A critical vulnerability in Citrix's networking and security solutions is being exploited in the wild, security researchers have confirmed. The vulnerability, disclosed by Citrix as CVE-2026-3055 on March 23, is a critical out-of-bounds read in NetScaler Application Delivery Controller (ADC) and…...
TeamPCP Targets Telnyx Package in Latest Software Supply Chain Attack
6+ day, 10+ hour ago (566+ words) TeamPCP has again expanded its supply chain attacks on open-source repositories by targeting Telnyx, according to security researchers. The cyber threat group recently rose to notoriety by uploading malicious packages to Python Package Index (PyPI), the official online repository where…...
IT and OT Are Not Equal. IT Can Fail. Your OT Cannot.
6+ day, 15+ hour ago (836+ words) UK Channel Manager, Secolve When we visit a hospital, or walk through an airport, Operational Technology (OT) cyber security pros may take a moment to consider the possibility and consequences of a critical cyber incident in these environments. Blackouts, grounded…...