Security Insights

Breaches, ransomware and regulation — analysed the day they break, with the practical lessons your team can act on. Free to read, no account required.

Threats
5 min read
30 Jun 2026

RustDuck Botnet Has Been Building a DDoS Swarm Since February 2026 — and It's Evolving Faster Than It's Growing

QiAnXin's XLab team has identified a Rust-written, two-stage botnet called RustDuck quietly enlisting home routers, IP cameras, Android TV boxes, and exposed Linux servers into a DDoS-for-hire operation. The headline isn't the size of the swarm. It's how fast the code is changing.

Threats
4 min read
30 Jun 2026

Fake Perplexity Chrome Extension Sent Every Address Bar Keystroke to an Attacker Server

Microsoft's threat research team caught a malicious Chrome extension impersonating Perplexity AI — one that silently intercepted omnibox input, character by character, before users ever saw a search result.

Threats
4 min read
29 Jun 2026

Hijacked npm Packages Abuse VS Code Tasks to Drop Cross-Platform Python Infostealer

JFrog researchers found attackers who compromised two legitimate npm maintainer accounts and built a Go module cluster to deliver a Python stealer — hiding execution inside VS Code workspace task definitions rather than the lifecycle hooks most tools actually scan.

Threats
5 min read
28 Jun 2026

Russia Used Cellebrite Against an Activist, Five Eyes Sounded an AI Alarm, and Scattered Spider Pleaded Guilty — Here Is What Defenders Should Do Next

Four security developments from one week paint a coherent picture: surveillance tools reach beyond their intended users, AI threats are operational not theoretical, Mac endpoints carry real risk, and social-engineering crews face real prison time.

Threats
4 min read
28 Jun 2026

ASIO: State Hackers Stole IT Staff Credentials at Australian Critical Infrastructure Site

Australia's domestic intelligence chief confirmed a foreign state actor had harvested valid login credentials from privileged IT accounts inside a critical infrastructure operator — and was positioned for sabotage, not passive surveillance.

Threats
5 min read
28 Jun 2026

New TinyRCT Backdoor Targets Southeast Asian Energy and Government Networks in Stealthy Chinese-Speaking Campaign

Palo Alto Networks Unit 42 has identified a previously unknown implant — TinyRCT — deployed by an intrusion cluster called CL-STA-1062 against state-owned energy enterprises and government ministries across Southeast Asia.

Threats
4 min read
27 Jun 2026

Russia Ran Fake Messenger Support Scams Against Officials Across Three Continents, SSU and FBI Say

GRU and FSB-linked operators impersonated tech-support staff and trusted contacts to hijack Signal, Telegram, and WhatsApp accounts belonging to soldiers, politicians, and activists in Ukraine, Europe, and the United States.

Threats
4 min read
27 Jun 2026

SharkLoader: A Custom-Built Stager Is Planting Cobalt Strike Beacon on Asian Government Networks

Kaspersky researchers tracking a campaign called StrikeShark have identified a previously undocumented loader family dropping Cobalt Strike Beacon on a diplomatic organization in Indonesia and government targets in Taiwan — a targeting profile that points squarely to state-sponsored espionage.

Threats
5 min read
26 Jun 2026

GRU Phishing Campaign Targets Signal's Backup Recovery Key — And the Key Never Expires

The FBI and CISA have updated their advisory on Russian intelligence operators targeting Signal users, warning that attackers have shifted tactics from linked-device hijacking to stealing the Backup Recovery Key — a credential that grants permanent, silent access to a user's full message history.

Threats
4 min read
26 Jun 2026

Philip Martin Joins Uber as CISO, Bringing Crypto and Defence Credentials to a Chair With History

The former Coinbase security chief takes over at Uber — a company whose breach record, regulatory scrutiny, and expanding data footprint make the hire one of the more consequential CISO appointments in recent memory.

Threats
5 min read
26 Jun 2026

Featured Chrome Extension 'Adblock for YouTube' Carries Hidden Remote-Execution Capability — 10 Million Users at Risk

A widely installed ad-blocking extension holds code that can fetch and run arbitrary JavaScript on any page a user visits. No malicious payload has been observed yet. That 'yet' is the problem.

Threats
5 min read
25 Jun 2026

Mistic Backdoor: How an Access Broker Is Selling Footholds to Qilin, Akira, and Black Basta

A threat group called Woodgnat has deployed a custom in-memory backdoor since at least April 2025, quietly auctioning enterprise access to some of the most active ransomware gangs operating today.
