DigiCert revoked 60 EV code signing certificates after attackers breached its support portal via a malicious screensaver file. Eleven certs signed Zhong Stealer.
CVE-2024-57727 in SimpleHelp RMM (CVSS 7.5) lets unauthenticated attackers read any file. Step-by-step detection, patch verification, and hardening checklist.
Huge Networks ran Mirai attacks against ISPs it claimed to protect. A framework for detecting a DDoS mitigation provider compromise and vetting vendors.
CVE-2024-57727 is a CVSS 7.5 path traversal in SimpleHelp RMM exploited since January 2025 by ransomware actors. Patch to 5.5.8 immediately or treat
A US-UAE-China joint operation arrested 276 suspects and dismantled 9 crypto pig-butchering scam centers. FBI's Operation Level Up saved victims an estimated $562M.
Microsoft's April 14, 2026 Windows update deliberately blocks psmounterex.sys due to CVE-2025-11983 and CVE-2025-14276. Acronis, Veeam, Macrium, AOMEI, and EaseUS users are affected.
A Cursor-Claude Opus agent wiped PocketOS's production database in 9 seconds. Security experts explain the real failure point: AI agent access control, not
CVE-2026-4670 is a CVSS 9.8 authentication bypass in MOVEit Automation affecting versions ≤2025.1.4, ≤2025.0.8, and ≤2024.1.7. Patch to 2025.1.5, 2025.0.9, or 2024.1.8 immediately.
CISA and FBI advisory AA25-203A: Interlock ransomware targets critical infrastructure via ClickFix social engineering, fake browser updates, and double extortion with AzCopy exfiltration.
CTM360 uncovers FEMITBOT — a large-scale Telegram Mini App campaign impersonating Apple, Disney, and NVIDIA to run crypto advance-fee scams and distribute malicious
