The OpenID Foundation warns that fragmented policies on posthumous digital accounts could open the door for fraudsters to exploit AI deepfakes
Espionage campaign exploits Israel-Iran conflict, distributing a trojanized Red Alert app via SMS
Cloudflare Threat Report warns that AI tools enable attackers who lacked required skills to generate effective attacks rapidly and at scale
Ariomex database reveals potential sanctions evasion and capital transfers tied to Iranian actors
Seemplicity finds US security leaders work 11 or more extra hours per week
Black Kite reveals 26,000 unnamed corporate victims linked to 136 third-party breaches
Zscaler ThreatLabz assessed with medium to high confidence that an Iranian adversary targeted Iraq’s Ministry of Foreign Affairs in a new cyber-attack
Google Chrome initiates quantum-resistant measures via Merkle Tree Certificates to secure HTTPS
John Hultquist suggests “aggressive” Iranian cyber attackers will target the US and its Gulf allies with plausibly deniable ransomware attacks, hacktivist campaigns and more
Military strikes in the Middle East escalate cyber ops, raising spillover risks globally for firms
Oasis Security reveals how a new ClawJacked vulnerability could allow attackers to silently take over a victim’s OpenClaw agent
Chainalysis reveals a big surge in median ransomware payment size in 2025 despite overall drop in criminal revenue
In early January 2026, KrebsOnSecurity revealed how a security researcher disclosed a vulnerability that was used to assemble Kimwolf, the world's largest and most disruptive botnet. Since then, the person in control of Kimwolf -- who goes by the handle "Dort" -- has coordinated a barrage of distributed denial-of-service (DDoS), doxing and email flooding attacks against the researcher and this author, and more recently caused a SWAT team to be sent to the researcher's home. This post examines what is knowable about Dort based on public information.
The security researchers from Zscaler ThreatLabz have also discovered five new tools deployed by the North Korean hacking group
The UK government says its new Vulnerability Monitoring Service has cut unresolved security flaws by 75% and reduced cyber-attack fix times from nearly two months to just over a week
International law enforcement operation led by Europol targets network of teenagers and young adults involved in ransomware attacks, extortion and other crimes
New botnet Aeternum shifted C2 operations to Polygon blockchain, complicating takedown efforts
2025 saw 32M phishing emails, with identity threats surpassing vulnerabilities
The UK’s Information Commissioner's Office is about to ditch single-leader model for CEO and board in a major shake-up
Datadog report reveals two-fifths of services are affected by exploitable bugs