Stay ahead of emerging threats with expert analysis from 84+ security articles, vulnerability reports, and cybersecurity insights — updated daily with the latest CVEs, threat actor campaigns, and security advisories. This week: Russian CTRL toolkit using named pipes for stealth persistence, Iran's Handala group breaching FBI Director email and deploying wiper malware, and critical LangChain/LangGraph AI stack vulnerabilities putting enterprise AI deployments at risk.
Cloudflare mitigated a record-breaking 31.4 Tbps DDoS attack from the AISURU/Kimwolf botnet, powered by 2 million compromised Android devices. DDoS attacks surged 121% in 2025 with 47.1 million incidents. The botnet spread via trojanized Android apps and fake Windows binaries.
Researchers discovered DockerDash, a critical vulnerability in Docker Ask Gordon AI feature that lets attackers execute code by hiding malicious instructions in image metadata. The attack exploits blind trust between the AI assistant and MCP Gateway. Patched in Docker Desktop 4.50.0.
Read moreEmail-stealing malware has become a cornerstone of modern espionage and cybercrime. Here's how these tools work, why attackers love them, and what you can do about it.
Read moreRussia's APT28 began exploiting Microsoft Office CVE-2026-21509 just 72 hours after disclosure, targeting Ukraine, Slovakia, and Romania with email-stealing malware and Covenant implants.
Read moreA high-severity Microsoft Office zero-day (CVE-2026-21509) is being actively exploited to bypass security controls designed to block risky COM and OLE content. Successful exploitation requires a user to open a malicious Office document, enabling follow-on payload execution and intrusion activity. Apply Microsoft's out-of-band update immediately or deploy the recommended registry-based mitigation if patching is delayed.
Read moreReact2Shell refers to a newly disclosed set of exploitation paths affecting React Server Components and modern server-side rendering workflows. In vulnerable implementations, attackers may escalate from user-driven application behavior into sensitive server-side execution, data access, or compromise of backend services. Organizations using RSC or SSR patterns should audit server-executed components, reduce dynamic execution paths, and apply strict validation and least-privilege controls.
Read moreOur CyberOne MobileAssess platform performs deep static analysis, source code decompilation, and runtime security testing for iOS and Android apps. From one-time assessments to year-long continuous testing, we find what surface-level scanners miss.
Subscribe to our newsletter and get the latest security insights delivered to your inbox.