Research Archives

cPanel’s authentication bypass bug is being exploited in the wild, CISA warns

The agency added the flaw to the KEV list days after hosting providers confirmed active, ongoing attacks.

3 days ago By Greg Otto

Two new extortion crews are speedrunning the Scattered Spider playbook

CrowdStrike says The Com-affiliated threat groups are using voice phishing and fake SSO pages to break into SaaS environments and steal data fast for extortion.

4 days ago By Matt Kapko

Chinese national extradited to US for pandemic-era Silk Typhoon attacks

Xu Zewei was allegedly directed by China’s intelligence services to conduct a sweeping espionage campaign to steal data on COVID-19 research and other U.S. policy interests.

Apr 27, 2026 By Matt Kapko

US, UK agencies warn hackers were hiding on Cisco firewalls long after patches were applied

Investigators found the malware, dubbed Firestarter, on a federal agency's network in a campaign dating back to at least September 2025.

Apr 23, 2026 By Greg Otto

Arik Ashkenazi, chief engineer at the Ein Netafim wastewater treatment plant, walks between water clarifier basins at the facility in Israel’s southern Red Sea port city of Eilat on July 13, 2023. Hemmed in between the Red Sea and a desert, isolated from the rest of Israel and with no natural freshwater, Eilat’s drinking water is a combination of desalinated groundwater and sea water. After its domestic use turns it into sewage, it is treated and then allocated to farmers, enabling the arid region to support an agricultural industry. While Eilat used to be the exception in Israel’s water management, it is now more of a prototype for the country and perhaps to the world. (Photo by MENAHEM KAHANA / AFP) (Photo by MENAHEM KAHANA/AFP via Getty Images)

Dragos: Despite AI use, new malware targeting water plants is ‘hype’

ZionSiphon was designed to find and sabotage Israelis’ water supply. An OT expert said it appears to be ineffective and the work of amateurs using AI.

Apr 23, 2026 By Derek B. Johnson

Mobile phone antennas at sunset; fhm, Getty Images

Surveillance campaigns use commercial surveillance tools to exploit long-known telecom vulnerabilities

Researchers said it’s the first-ever mapping of attack traffic to mobile operator signalling infrastructure.

Apr 23, 2026 By Tim Starks

Network ‘background noise’ may predict the next big edge-device vulnerability

GreyNoise researchers spotted a consistent trend in forthcoming vulnerabilities affecting security tools, providing defenders an early-warning system for likely imminent attacks.

Apr 20, 2026 By Matt Kapko

NIST narrows scope of CVE analysis to keep up with rising tide of vulnerabilities

The National Vulnerability Database will now only analyze vulnerabilities in critical software, systems used in the federal government and those under active exploitation.

Apr 15, 2026 By Matt Kapko

Black Basta’s playbook lives on as former affiliates launch fast-scale intrusion campaign

The social engineering campaign spiked last month and has targeted dozens of organizations since May 2025, according to ReliaQuest.

Apr 14, 2026 By Matt Kapko

OpenAI’s Mac apps need updates thanks to the Axios hack

The company said a developer tool automatically retrieved a malicious version of the popular open-source library, but insists the integrity of its systems and software were not…

Apr 13, 2026 By Matt Kapko