Threat actors stories - Page 2

SpecterOps broadens BloodHound Enterprise to map identity attack paths across Okta, GitHub and Jamf-managed Macs in hybrid environments.

Malicious fake Windsurf IDE extension hid JavaScript, abused Solana to fetch payloads, and stole developers' browser credentials and tokens.

Rapid7 warns exploited high and critical software flaws more than doubled in 2025, as attackers compress disclosure-to-attack windows.

Harness has launched AI Security and Secure AI Coding tools to spot and block vulnerabilities in AI-powered apps and AI-generated code.

Ransomware group LeakNet adopts ClickFix lures and a Deno-based fileless loader to scale attacks and evade traditional endpoint defences.

Okta and partners pull rogue ShieldGuard Chrome extension that stole crypto wallet data and bypassed browser defences via custom code.

SonicWall's SonicSentry SOC cut short a Saturday night cyberattack, spotting rogue ScreenConnect activity and isolating a compromised PC.

HPE warns cybercriminals now run attacks like global enterprises, using repeatable workflows, automation and AI to outpace defences.

AI agents are fuelling a new wave of cyber risk, as criminals weaponise automation to speed up ransomware and sharpen extortion tactics.

AI-driven botnets fuel eight million DDoS attacks in late 2025, as multi-vector assaults hit 30 Tbps and strain global critical services.

Cloud identity compromise now drives over 80% of cyber incidents, as attackers increasingly abuse trusted accounts and workplace tools.

Fake Claude AI search ads are spreading info-stealing malware, hijacking developer credentials and cloud access via spoofed download sites.

New research links Iran conflict to a swift surge in tightly targeted cyber espionage across Middle Eastern governments and embassies.

Hackers are abusing the trusted Deno JavaScript runtime to run fileless CastleRAT malware solely in memory and evade endpoint defences.

Misconfigured Salesforce Experience Cloud guest profiles are being exploited for mass data harvesting, with up to 400 firms possibly affected.

Claroty again named a Leader in Gartner's 2026 CPS Protection Platforms Magic Quadrant as industrial cyber-physical threats intensify.

Attackers are ditching malware for stolen identities, misconfigurations and abused AI tools, Google warns in its latest cloud threat report.

Ransomware attacks in Asia-Pacific surged 59% in 2025 as rapid digitalisation and AI adoption fuel faster, more targeted cyber extortion.

GenAI use in healthcare is fuelling patient data policy breaches, with regulated records making up 89% of AI-linked violations, research shows.

A stealthy BlackSanta malware spree is hijacking HR recruitment workflows, killing endpoint defence tools and exfiltrating sensitive data.