This Women’s History Month, we explore ways to support the next generation of female defenders at every career stage. The post Women’s History Month: Encouraging women in cybersecurity at every career…
cyberintel.kalymoon.com · 983 articles · updated every 4 hours · grows forever
Malicious AI browser extensions collected LLM chat histories and browsing data from platforms such as ChatGPT and DeepSeek. With nearly 900,000 installs and activity across more than 20,000 enterprise…
Oracle attempt to hide serious cybersecurity incident from customers in Oracle SaaS service | by Kevin Beaumont DoublePulsar
APAC firms to boost threat intelligence spend, embrace AI by 2026 IT Brief New Zealand
Russian threat actor weaponized Microsoft Management Console flaw Cybersecurity Dive
CVE-2026-20127 is an improper authentication vulnerability impacting Cisco Catalyst SD-WAN Controller, formerly vSmart, and SD-WAN Manager, formerly vManage, components.
An Iranian aligned threat group conducting destructive and espionage focused cyber operations against organizations in Israel and Western countries.
Since early 2026, interest in OpenClaw — the open source autonomous AI agent developed by Peter Steinberger — has surged.
On Feb. 28, 2026, the U.S. and Israel launched coordinated strikes against Iran, marking the start of open conflict after months of escalating tensions.
CVE-2026-1731 is an operating system (OS) command injection vulnerability impacting BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) software.
Intel 471 has worked with law enforcement and private industry in action coordinated by Europol’s European Cybercrime Centre (EC3), culminating in today’s takedown of Tycoon 2FA’s operations and infra…
The highly disruptive and destructive cyber incidents across the past year have reinforced the need for the U.K. to raise the level of cyber resilience in all critical sectors.
Relying upon AI-driven cybersecurity to fend off cyberattacks raises a paradox: improving speed and productivity is a game changer, but it carries a risk to quality, fidelity and trust. The battle aga…
Pro-Russian hacktivists leveraged the media spotlight amidst protests and suspected acts of sabotage in Italy. But state-sponsored cyber campaigns appear muted compared to past Olympics events.
A threat hunting program backed by the right metrics and proper documentation of hunts can reduce breach costs and, in the event of a breach, demonstrate operational maturity to insurers and regulator…
A new threat actor has launched what appears to be a fake ransomware-as-a-service (RaaS) operation called 0APT.
Our Geopolitical Intelligence and Threat Hunting teams collaborate closely to help customers monitor, respond to and mitigate cyber risks
CrazyHunter is a ransomware campaign targeting healthcare that weakens endpoint defenses and escalates privileges before encrypting systems at scale.
DevMan Ransomware is a newly emerging ransomware operation observed in 2025 that has been assessed as a derivative of the DragonForce ransomware family.
Announcing Tuning, a new utility in the Guided Threat Hunts feature of HUNTER, the industry’s leading library of behavioral hunt packages and the Hunt Management Module, available on the Verity471 cyb…
Eric Huber is Cybercrime Research Leader with TD Bank. In this Studio 471, he discusses why check fraud is such a huge problem in the U.S. and how banks can counter it.
Gootloader resurfaced with enhanced capabilities, building on the multi-stage loader malware first seen in 2020.
The "Shai-Hulud" worm represents a significant escalation in software supply chain attacks, particularly within the Node.js ecosystem.
Intel 471 discovered a new Android trojan, FvncBot, that masquerades as a security application for mBank, a major Polish bank. Our Malware Intelligence team analyzed its code, which is new and not bas…