Latest Internet & Cybersecurity News
New ransomware families hit Windows, Linux, BSD, ARM, and ESXi
A new ransomware-as-a-service operation called VanHelsing has emerged, targeting a broad range of enterprise platforms including Windows, Linux, BSD, ARM, and VMware ESXi. Security researchers say its cross-platform reach makes it especially dangerous for mixed-infrastructure environments.
Kraken ransomware expands across enterprise environments
Cisco Talos reports that Kraken, an emerging ransomware group associated with the remnants of HelloKitty, is targeting Windows, Linux, and VMware ESXi systems. The campaign highlights the continued evolution of enterprise-focused ransomware with multi-OS attack capability.
Hackers exploit Entra ID accounts to steal Microsoft 365 and Azure data
Recent reporting says attackers are abusing Entra ID accounts to gain access to Microsoft 365 and Azure environments. The activity underscores how identity compromise remains a high-value path into cloud services and sensitive corporate data.
Phishing kits are using Telegram for credential theft and evasion
Researchers at Group-IB uncovered multi-stage phishing kits that automate credential theft while using Telegram to exfiltrate data and evade detection. The tactics show how cybercriminals are industrializing phishing operations with messaging-platform infrastructure.
Washington Post discloses Oracle E-Suite breach affecting thousands
The Washington Post said an external compromise of its Oracle E-Suite exposed data belonging to more than 9,700 employees and contractors. The disclosure adds to a growing list of enterprise software breaches affecting large organizations and their workforces.
Critical Imunify360 flaw threatens millions of Linux-hosted websites
A critical remote code execution vulnerability in Imunify360 AV has been patched after researchers found it could expose roughly 56 million websites to attack. Hosting providers are being urged to prioritize patching and review defenses around Linux-based web infrastructure.
Construction firms become a major target for credential theft
Threat actors, including state-backed groups and ransomware operators, are increasingly targeting construction companies for RDP, SSH, and Citrix credentials. The trend shows that sectors outside traditional high-tech industries are still highly exposed to credential-based intrusions.
Travel-brand phishing campaign uses more than 4,300 malicious domains
A Russian-speaking threat actor has registered over 4,300 malicious domains in a phishing operation targeting travelers. The scale of the campaign suggests a broad effort to harvest credentials and payment information through impersonation of travel brands.
AI agents raise new cybersecurity and control concerns
Coverage from CKGSB notes that agentic AI systems can access email, calendars, browsers, cloud storage, and enterprise databases, greatly expanding the attack surface. Regulators and organizations are increasingly worried that AI hallucinations or compromise could lead to real-world actions like data deletion, fraudulent messages, or unauthorized purchases.
OpenClaw adoption sparks security restrictions in China
The rise of OpenClaw and similar agentic AI tools has triggered concerns about control, cybersecurity, and misuse. Reports say some organizations have restricted use after security issues emerged, reflecting broader anxiety over autonomous systems with broad system access.
Global CISO staffing gap remains a major security issue
A 2026 CISO report highlights that the world has about 35,000 CISOs, only a modest increase from 2023, indicating persistent leadership shortages. The report argues that MSPs and MSSPs are increasingly needed to help close the CISO gap for under-resourced organizations.