Whats The Hax?

“Legitimate” phishing: how attackers weaponize Amazon SES to bypass email security 2h ago Kaspersky expert breaks down a new phishing scheme that uses the Amazon SES cloud email service. Let’s look at some examples to see how you can tell a phishing email from a real one. Silver Fox uses the new ABCDoor backdoor to target organizations in Russia and India 4d ago The Silver Fox group is targeting companies in Russia and India by impersonating tax authorities to distribute ValleyRAT and the new ABCDoor backdoor. PhantomRPC: A new privilege escalation technique in Windows RPC 10d ago Kaspersky researcher discovered a vulnerability in RPC architecture that enables an attacker to create a fake RPC server and escalate their privileges. FakeWallet crypto stealer spreading through iOS apps in the App Store 14d ago In March 2026, we uncovered more than twenty phishing apps in the Apple App Store masquerading as popular crypto wallets. Threat landscape for industrial automation systems in Q4 2025 18d ago The report contains industrial threat statistics for Q4 2025. It covers various infection vectors and malware types, as well as regional statistics and statistics by industry. JanelaRAT: a financial threat targeting users in Latin America 21d ago Kaspersky GReAT experts describe the latest JanelaRAT campaign detailing infection chain and malware functionality updates. The long road to your crypto: ClipBanker and its marathon infection chain 25d ago Threat actors are distributing a Trojan disguised as Proxifier software; through a multi-stage infection chain, it delivers ClipBanker – malware that replaces cryptocurrency wallet addresses in the clipboard. Financial cyberthreats in 2025 and the outlook for 2026 26d ago In this report, Kaspersky experts share their insights into the 2025 financial threat landscape, including regional statistics and trends in phishing, PC malware, and infostealers. A laughing RAT: CrystalX combines spyware, stealer, and prankware features 33d ago Kaspersky researchers analyze a new CrystalX RAT distributed as MaaS and featuring extensive spyware, stealer, and prankware capabilities. An AI gateway designed to steal your data 39d ago Dissecting the supply chain attack on LiteLLM, a multifunctional gateway used in many AI agents. Explaining the dangers of the malicious code and how to protect yourself.

The Iran War: What You Need to Know 3d ago Insikt Group tracks the cyber, physical, and geopolitical components of the US-Israeli strikes on Iran — with continuously updated threat analysis and scenarios. Risk Scenarios for the US’s Strategic Pivot 4d ago The United States (US) is shifting toward a more force-driven security strategy primarily relying on military operations and economic pressure to counter transnational criminal organizations and limit Chinese, Russian, and Iranian influence... Building with AI: Here's What No Briefing Will Tell You 4d ago What building with AI for three months revealed about four leadership blind spots executives can't afford to ignore: the comprehension gap, eroding competitive moats, deployment complexity, and what "senior" really means now. The Money Mule Solution: What Every Scam Has in Common 6d ago Learn how mule account intelligence — not tactic-tracking — is the most effective lever for preventing APP fraud before funds move. Lazarus Doesn't Need AGI 6d ago Explore the 2026 Claude Mythos breach, supply chain risks, and the $2B+ crypto theft pipeline. From Overwhelmed to Autonomous: Rethinking Threat Intelligence in 2026 10d ago For most security teams today, volume and access to intelligence isn’t the problem. It’s the speed at which they can turn that intelligence into action. . Critical minerals and cyber operations 11d ago Learn how critical minerals and rare earth elements (REEs) are evolving from commodities into strategic flashpoints. Explore the geopolitical risks of China’s refining dominance, the race for resources in the Arctic and space, and the risin... Today, trust is the superpower that makes innovation possible 11d ago How better intelligence and collaboration can unlock new opportunities for growth and greater financial health for more people. Evolution of Chinese-Language Guarantee Telegram Marketplaces 12d ago Chinese-language, Telegram-based “guarantee” marketplaces are increasingly popular among Chinese-speaking criminal groups despite the widely publicized shutdown of Huione Guarantee in 2025. AI Hype vs. Reality: Is AI Really Rewriting the Vulnerability Equation? 12d ago AI vulnerability research and discovery capabilities are improving, but they have not changed the fundamentals of vulnerability management. Emerging Enterprise Security Risks of AI 13d ago 4 Essential Integration Workflows for Operationalizing Threat Intelligence Recorded Future 17d ago From Bazooka to Fake Nikes 18d ago Your Supply Chain Breach Is Someone Else's Payday 19d ago Iran War: Future Scenario and Business Implications 20d ago A New Way to Buy Recorded Future: Solutions and Packages Built for the 2026 Threat Landscape 20d ago March 2026 CVE Landscape: 31 High-Impact Vulnerabilities Identified, Interlock Ransomware Group Exploits Cisco FMC Zero-Day 21d ago VIP Credential Monitoring Blog 24d ago Third-Party Risk Is an Intelligence Operation. It's Time We Treated It Like One. 25d ago Understanding and Anticipating Venezuelan Government Actions 26d ago

This month in security with Tony Anscombe – April 2026 edition 4d ago The calm before the ransom: What you see is not all there is 10d ago GopherWhisper: A burrow full of malware 11d ago New NGate variant hides in a trojanized NFC payment app 13d ago What the ransom note won’t say 14d ago That data breach alert might be a trap 17d ago Supply chain dependencies: Have you checked your blind spot? 18d ago Recovery scammers hit you when you’re down: Here’s how to avoid a second strike 24d ago As breakout time accelerates, prevention-first cybersecurity takes center stage 27d ago Digital assets after death: Managing risks to your loved one’s digital estate 33d ago This month in security with Tony Anscombe – March 2026 edition 34d ago RSAC 2026 wrap-up – Week in security with Tony Anscombe 38d ago A cunning predator: How Silver Fox preys on Japanese firms this tax season 38d ago Virtual machines, virtually everywhere – and with real security gaps 40d ago Cloud workload security: Mind the gaps 41d ago Move fast and save things: A quick guide to recovering a hacked account 45d ago EDR killers explained: Beyond the drivers 46d ago Face value: What it takes to fool facial recognition 52d ago Cyber fallout from the Iran war: What to have on your radar 52d ago Sednit reloaded: Back in the trenches 55d ago

Claude Mythos Fears Startle Japan's Financial Services Sector 5d ago AI-Era Threats Spread Beyond Email Into SaaS, Collaboration Apps, and AI Assistants 6d ago Proofpoint Research Reveals Half of Global Organizations Experienced AI Incidents Despite Having AI Security Controls in Place 6d ago Inaugural global study finds more than half of organizations are not fully confident their AI security controls would detect compromised AI Clear market trend for software providers to help with AI: Proofpoint CEO 10d ago Sumit Dhawan, Proofpoint CEO, joins 'Closing Bell' to discuss ServiceNow's quarterly earnings results, if Anthropic's Mythos makes incumbent players more important and much more. Proofpoint CEO on AI Security Innovations | Nasdaq at RSAC 2026 12d ago Cargo thieving hackers running sophisticated remote access campaigns, researchers find 17d ago Freight Hacker Wields Code-Signing Service to Evade Defenses 18d ago Sumit Dhawan on NYSE Floor Talk | Proofpoint AI Security 18d ago FIFA World Cup 2026: More than One-Third of Official Partners Expose the Public to the Risk of Email Fraud 20d ago Analysis by cybersecurity company Proofpoint reveals that while most partners have implemented baseline email authentication, many are still not proactively blocking fraudulent emails that Microsoft 365 mailbox rules abused for exfiltration, persistence 20d ago

Kuse Web App Abused to Host Phishing Document 5d ago Bad actors took advantage of the legitimate name and services of Kuse, a popular AI-based app designed for workplaces. The attackers exploited the users’ trust in Kuse to carry out a phishing attack. Void Dokkaebi Uses Fake Job Interview Lure to Spread Malware via Code Repositories 13d ago The Vercel Breach: OAuth Supply Chain Attack Exposes the Hidden Risk in Platform Environment Variables 14d ago Identity Protection in the AI Era 21d ago Learn about a proactive, identity-first security approach that integrates visibility, threat detection and response, zero trust enforcement, AI protection, and threat intelligence into a unified model. U.S. Public Sector Under Siege: Threat Intelligence for Q1 2026 25d ago Discover how TrendAI Vision One™ empowers government agencies and educational institutions with advanced visibility, intelligence, and automation to stay ahead of evolving public sector threats. Claude Code Packaging Error Remains a Lure in an Active Campaign: What Defenders Should Do 27d ago Weaponizing Trust Signals: Claude Code Lures and GitHub Release Payloads 31d ago TrendAI Insight: New U.S. National Cyber Strategy 33d ago Explore the White House National Cyber Strategy and its six pillars to strengthen U.S. cybersecurity—covering deterrence, regulation, federal modernization, critical infrastructure protection, AI leadership, and workforce development. The Real Risk of Vibecoding 34d ago Axios NPM Package Compromised: Supply Chain Attack Hits JavaScript HTTP Client with 100M+ Weekly Downloads 34d ago TrendAI™ Research at RSAC 2026: Advancing Defense Across AI‑Driven and Cyber‑Physical Threats 34d ago TeamPCP’s Telnyx Attack Marks a Shift in Tactics Beyond LiteLLM 35d ago Your AI Gateway Was a Backdoor: Inside the LiteLLM Supply Chain Compromise 39d ago Pawn Storm Campaign Deploys PRISMEX, Targets Government and Critical Infrastructure Entities 39d ago Your AI Stack Just Handed Over Your Root Keys: Inside the litellm PyPI Breach 40d ago Copyright Lures Mask a Multi‑Stage PureLog Stealer Attack on Key Industries 46d ago Why East-West Visibility Matters for Grid Security 47d ago From Misconfigured Spring Boot Actuator to SharePoint Exfiltration: How Stolen Credentials Bypass MFA 47d ago TrendAI™ Supports Global Law Enforcement Efforts 49d ago Web Shells, Tunnels, and Ransomware: Dissecting a Warlock Attack 49d ago

Student Loan Breach Exposes 2.5M Records 1341d ago 2.5 million people were affected, in a breach that could spell more trouble down the line. Watering Hole Attacks Push ScanBox Keylogger 1342d ago Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool. Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms 1343d ago Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system. Ransomware Attacks are on the Rise 1346d ago Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group. Cybercriminals Are Selling Access to Chinese Surveillance Cameras 1347d ago Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed. Twitter Whistleblower Complaint: The TL;DR Version 1348d ago Twitter is blasted for security and privacy lapses by the company’s former head of security who alleges the social media giant’s actions amount to a national security risk. Firewall Bug Under Active Attack Triggers CISA Warning 1349d ago CISA is warning that Palo Alto Networks’ PAN-OS is under active attack and needs to be patched ASAP. Fake Reservation Links Prey on Weary Travelers 1350d ago Fake travel reservations are exacting more pain from the travel weary, already dealing with the misery of canceled flights and overbooked hotels. iPhone Users Urged to Update to Patch 2 Zero-Days 1353d ago Separate fixes to macOS and iOS patch respective flaws in the kernel and WebKit that can allow threat actors to take over devices and are under attack. Google Patches Chrome’s Fifth Zero-Day of the Year 1354d ago An insufficient validation input flaw, one of 11 patched in an update this week, could allow for arbitrary code execution and is under active attack.