Cybersecurity researchers have revealed that the North Korean-linked hacking group Kimsuky has expanded its cyber espionage toolkit with new malware and attack methods. The group is known for targeting government agencies, defense organizations, and research institutions. According to recent findings, Kimsuky is continuing to improve its operations to make attacks more effective. Experts say the … Continued
A Google security engineer has been charged by U.S. authorities for allegedly using confidential company information to earn more than $1.2 million through bets on the prediction market platform Polymarket. The case has attracted significant attention because it involves the use of internal Google data that was not available to the public. Prosecutors believe the … Continued
A new AI usage report has revealed that most enterprise AI security risks are connected to a small group of heavy AI users inside organizations. Researchers found that while many employees use AI tools occasionally, only a limited number of workers generate most of the risky AI activity. These users are often called “AI power … Continued
Carnival Corporation has confirmed a major cybersecurity breach that affected nearly 6 million people connected to the company. The incident was discovered in April 2026 after hackers gained unauthorized access to part of the company’s internal systems. According to the company, the attack happened through a social engineering method where employees were tricked into giving … Continued
A major cybersecurity operation has disrupted the infrastructure behind the GlassWorm malware campaign. The operation was carried out by CrowdStrike, Google, and the Shadowserver Foundation. Security researchers said the malware mainly targeted software developers through infected VS Code extensions. The malicious extensions were uploaded to developer marketplaces to trick users into installing them. GlassWorm became … Continued
A major security vulnerability has been discovered in Gitea, a widely used open-source Git hosting platform. Researchers revealed that the flaw could allow anyone to access private container images without logging in. The issue has been identified as CVE-2026-27771 and affects versions earlier than 1.26.2. Security experts warned that the vulnerability could expose sensitive software … Continued
Microsoft has introduced a new cybersecurity feature in Microsoft Defender for Endpoint that can automatically isolate compromised devices during an active cyberattack. The feature is currently available in preview mode and is designed to help organizations stop attacks before they spread across the network. It works as part of Microsoft’s growing focus on automated cyber … Continued
Cybersecurity researchers have discovered a new hacking campaign linked to an Iranian threat group known as Nimbus Manticore, also tracked as UNC1549 and Screening Serpens. The group is believed to be connected to Iran’s Islamic Revolutionary Guard Corps (IRGC). Researchers said the hackers used phishing emails, fake job offers, and manipulated search engine results to … Continued
A critical vulnerability in Ghost CMS, identified as CVE-2026-26980, has been exploited by attackers in a large-scale malware campaign. Security researchers confirmed that more than 700 websites were compromised during the attacks. The flaw received a high severity score of 9.4 because of the serious risks it created. Many of the targeted websites were running … Continued
A major cybercrime investigation by authorities in the United States and Canada has led to the arrest of a man accused of helping run the KimWolf botnet. Officials confirmed that the operation was linked to several cyberattacks carried out worldwide. The arrest was made after investigators tracked the activities of the botnet for months. Authorities … Continued
