Afraid of missing important security news during the week? We're here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!
For the less technical
- Is Office.EU a scam?
- Android 17 Beta 2 starts clamping down on apps that misuse accessibility services
- Android developer verification: Balancing openness and choice with safety
- Meta to shut down Instagram end-to-end encrypted chat support starting May 2026
- Google scraps AI search feature that crowdsourced amateur medical advice
- Elon Musk’s xAI sued for turning three girls’ real photos into AI CSAM
- 45,000 malicious IP addresses taken down in international cyber operation
- Pro-Iranian ransomware operators tactical shift from Sicarii to BQTLock
- Stryker attack wiped tens of thousands of devices, no malware needed
- FBI seizes pro-Iranian hacking group’s websites after destructive Stryker hack
For the more technical
- The proliferation of DarkSword: iOS exploit chain adopted by multiple threat actors
- Inside DarkSword: A new iOS exploit kit delivered via compromised legitimate websites
- Attackers wielding DarkSword threaten iOS users
- Your KVM is the weak link: How $30 devices can own your entire network
- Fake Telegram malware campaign: Analysis of a multi-stage loader delivered via typosquatted websites
- Four arms, one monster: GlassWorm invades GitHub, NPM, Open VSX and VS Code
- Ransomware under pressure: Tactics, techniques, and procedures in a shifting threat landscape
- Everyday tools, extraordinary crimes: the ransomware exfiltration playbook
- A Slopoly start to AI-enhanced ransomware attacks
- Web shells, tunnels, and ransomware: Dissecting a Warlock attack
- Amazon threat intelligence teams identify Interlock ransomware campaign targeting enterprise firewalls
- The beast returns: Analysis of a Beast ransomware server
- EDR killers explained: Beyond the drivers
- From invitation to infection: How SilentConnect delivers ScreenConnect
- SmartApeSG campaign uses ClickFix page to push Remcos RAT
- Technical analysis of SnappyClient
- Copyright lures mask a multi‑stage PureLog stealer attack on key industries
- Malware-as-a-service redefined: Why XWorm is outpacing every other RAT in the underground malware market
- Sweet Minecraft mods – the dark tale of SugarSMP scam, malware & extortion
- Vidar Stealer 2.0 distributed via fake game cheats on GitHub and Reddit
- Perseus: DTO malware that takes notes
- StoatWaffle, malware used by WaterPlum
- Analysis of the spear-phishing and KakaoTalk-linked threat campaign by the Konni group
- Operation Roundish: Uncovering an APT28 Roundcube toolkit used against Ukrainian government targets
- Operation CamelClone: Multi-region espionage campaign targets government and defense entities amidst regional tensions
- Operation GhostMail: Russian APT exploits Zimbra webmail to target Ukraine state agency
- MuddyWater APT + Tsundere botnet: EtherHiding the C2
- Boggy Serpens (MuddyWater) threat assessment
- China-nexus threat actor targets Persian Gulf region with PlugX
Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.