
Author: Robbie

Research

Cisco Talos Pairs Local AI Agents with Disassemblers to Automate Reverse Engineering

Cisco Talos has detailed a privacy-preserving approach to agentic reverse engineering that connects local AI agents to traditional analysis tools via COM…

by Robbie · 2 days ago
HIGH Research

Cloud Bucket Hijacking Technique Threatens Data Streams Across AWS, GCP, and Azure

Unit 42 researchers have disclosed a bucket hijacking method that exploits globally unique bucket names across major cloud providers, allowing attackers to…

by Robbie · 2 days ago
HIGH Exploits

Scattered Spider Members Plead Guilty on Day One of UK Trial

Two key members of the Scattered Spider cybercrime group admitted to hacking Transport for London and conspiring in a series of ransomware…

by Robbie · 2 days ago
HIGH AI Security

Malicious Skills Persist on ClawHub Despite AI Agent Marketplace Scanning

Unit 42 researchers found five undetected malicious skills in OpenClaw's ClawHub marketplace between February and May 2026, including macOS infostealers and novel…

by Robbie · 2 days ago
Research

How Windows COM Becomes a Weapon: A Technical Primer from Cisco Talos

Cisco Talos breaks down how threat actors exploit the Component Object Model for lateral movement, persistence, evasion, and more, offering reverse-engineering guidance…

by Robbie · 2 days ago
HIGH Exploits

Poland Arrests Four in SIM-Swapping Gang Behind Millions in Crypto Theft

Polish authorities, working with the FBI and HSI, have detained four members of a cybercrime group that breached telecom infrastructure and hijacked…

by Robbie · 2 days ago
MEDIUM Exploits

Phishing Campaign Hits Hotels in Europe and Asia with Node.js Implant

Microsoft has flagged an active phishing operation targeting hospitality organizations since April 2026, delivering a Node.js-based implant through photo-themed ZIP file lures.

by Robbie · 2 days ago
HIGH Exploits

Polymarket Hit by Supply Chain Attack, $3 Million in Crypto Stolen

A compromised third-party vendor injected a malicious script into Polymarket's frontend, enabling attackers to steal roughly $3 million from at least 11…

by Robbie · 2 days ago
HIGH Exploits

Klue Supply Chain Breach Widens as Extortion Takes a Chaotic Turn

Nearly two dozen confirmed victims have emerged from the Klue supply chain attack, while the threat actor behind the breach has reportedly…

by Robbie · 2 days ago
CRITICAL Exploits

PTC Windchill Flaw Exploited in the Wild, CISA Issues KEV Alert

A remote code execution vulnerability in PTC Windchill and FlexPLM is being actively exploited to deploy persistent webshells, marking the first confirmed…

by Robbie · 2 days ago
HIGH Vulnerabilities

Russian Intelligence Actors Evolve Signal Phishing to Steal Backup Recovery Keys

A campaign attributed to Russian Intelligence Services has expanded beyond account hijacking to trick high-value targets into surrendering their Signal Backup Recovery…

by Robbie · 2 days ago
HIGH Research

Uni-App Framework Underpins 236,000 Investment Scam Domains

Researchers at Infoblox have traced more than 236,000 scam-related second-level domains to a shared infrastructure built on the Chinese open-source framework Uni-App,…

by Robbie · 2 days ago