A months-long investigation by Rapid7 Labs has exposed a sophisticated, state-sponsored espionage campaign by the China-nexus threat actor Red Menshen, which has embedded some of the most covert digit…
cyberintel.kalymoon.com · 5099 articles · updated every 4 hours · grows forever
Russian law enforcement has arrested the suspected administrator of LeakBase, a prominent international hacker forum. The operation, coordinated by the Russian Ministry of Internal Affairs (MVD) along…
A new malware campaign called GhostClaw is actively targeting macOS users through fake GitHub repositories and AI-assisted development workflows. The campaign uses social engineering disguised as legi…
A critical local privilege escalation vulnerability has been identified in the IDrive Cloud Backup Client for Windows. Tracked as CVE-2026-1995, this local privilege escalation vulnerability affects t…
The Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical security flaw affecting the Langflow platform to its Known Exploited Vulnerabilities (KEV) catalog on March …
A new and technically advanced rootkit called VoidLink has emerged as a serious threat to Linux systems, blending Loadable Kernel Modules (LKMs) with extended Berkeley Packet Filter (eBPF) programs to…
A threat actor known as “Snow” from SnowTeam posted an advertisement on the Russian-speaking TierOne (T1) cybercrime forum on March 25, 2026, introducing a new criminal service called Leak Bazaar. The…
A social engineering technique called ClickFix has resurfaced with significant force, tricking users on both Windows and macOS into manually executing malicious commands that quietly install malware o…
Security researchers from Georgia Tech have observed a surge in reported CVEs for which the flaw was introduced by AI-generated code
Move over shadow IT; shadow AI is the new risk on the scene. The explosion of available AI tools, leadership’s enthusiasm for the new technology, the push for employees to do more with less, nascent g…
Threat actors pounced on the code injection vulnerability within hours of its disclosure, demonstrating that organizations have little time to address critical bugs.
A long-term and ongoing campaign attributed to a China-nexus threat actor has embedded itself in telecom networks to conduct espionage against government networks. The strategic positioning activity, …
The Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are actively exploiting a critical vulnerability identified as CVE-2026-33017, which affects the Langflow framework …
Trump’s cyber strategy will emphasize adversary deterrence, industry partnerships (Cybersecurity Dive)
Exito Media Concepts Announces the 31st Global Edition of the Cyber Security Summit Australia 2026 (ACN Newswire)
Radiant Logic Earns Two 2026 Cybersecurity Industry Awards for Identity Security Innovation (Yahoo Finance Singapore)
The Mission: Hack High Value Targets' Devices, Apps and Transmit His Location. A team of cybersecurity students from the University of North Georgia vanquished seven opposing teams from other senior mi…
The Chinese-nexus advanced persistent threat group Silver Fox, also tracked as Void Arachne and SwimSnake, is actively targeting Chinese-speaking users and professionals with a sophisticated AtlasCros…
A threat group known as APT-Q-27 has been running an active campaign against Web3 customer support teams, using fake screenshot links in live chat windows to silently install a persistent backdoor on …
A new Malware-as-a-Service (MaaS) credential stealer named Torg Grabber has surfaced, showing remarkable development pace over just three months. Starting with simple Telegram-based data exfiltration,…
OpenAI’s Safety Bug Bounty program seeks to address AI safety vulnerabilities beyond traditional security flaws
PwC Annual Threat Dynamics report says AI-threats are the biggest concern of clients
EtherRAT hides C2 in Ethereum smart contracts via EtherHiding, steals wallets and credentials
Attackers rapidly exploited a critical Oracle WebLogic RCE flaw the same day exploit code was released, according to a CloudSEK honeypot study