RedHook Android RAT Weaponizes Wireless ADB for Shell Access
Group-IB reveals RedHook banking trojan now exploits Android's Wireless Debugging to gain shell privileges without rooting. Active in Southeast Asia with 53 remote commands.
Group-IB reveals RedHook banking trojan now exploits Android's Wireless Debugging to gain shell privileges without rooting. Active in Southeast Asia with 53 remote commands.
A misconfigured hacker server exposed 22 days of logs revealing a webshell access-brokerage operation that compromised over 25,000 WordPress sites using 27 weaponized CVEs.
Zimbra urges immediate patching for a stored XSS flaw in Classic Web Client that executes malicious code when users open crafted emails. Google TAG reported the vulnerability.
Researchers demonstrate how malicious instructions hidden in PNG images can hijack AI coding assistants to exfiltrate credentials. Claude Code resisted the attack while Cursor and others complied.
Progress Software tells ShareFile customers to immediately shut down Storage Zone Controllers due to a credible security threat. The company disabled affected accounts while investigating.
Attackers hijacked the jscrambler npm package to deploy a cross-platform Rust infostealer that harvests credentials from AI coding assistants, cloud platforms, and crypto wallets.
Binarly uncovers six vulnerabilities in U-Boot's FIT signature verification present since 2013, affecting millions of BMCs, routers, and IoT devices. Patches exist but downstream adoption lags.
China-based threat actor Lurking Lizard operates 230+ lookalike domains serving trojanized 7-Zip installers and the WireVPN app to recruit victims into a residential proxy botnet without consent.
Insurance provider AssuranceAmerica disclosed a data breach affecting 6.9 million customers—the largest known exposure of driver's license numbers in 2026. Attackers compromised employee credentials.
INTERPOL's Operation First Light 2026 led to 5,811 arrests across 97 countries, seizing $293 million from social engineering fraud networks including BEC, romance scams, and crypto laundering operations.
Learn about ransomware, phishing, malware, and essential online safety practices.
Curated books, tools, and resources to deepen your cybersecurity knowledge.
Get the latest cybersecurity news delivered to your inbox.