The escalation of Iranian cyber activity targeting critical infrastructure has become a defining feature of the 2026 threat landscape, prompting urgent warnings from U.S. government agencies and cybersecurity firms. Recent joint advisories from the FBI, CISA, NSA, and international partners highligh
Magento merchants face a rapidly escalating threat landscape. Attackers now combine newly disclosed exploitation techniques with stealthy payment skimmers to compromise online stores at scale. These incidents are often referred to as Magecart attacks. Sansec security researchers report that threat a
Iranian threat actors have increasingly adopted ransomware-like tactics. These are not purely criminal enterprises, but instruments of statecraft. Over the past several years, and especially amid escalating geopolitical tensions, these actors have refined a hybrid model, which blends cybercrime tech
Cyber and kinetic warfare have merged into a new phase. Internet-connected devices, especially IP cameras, are now both intelligence assets and strategic risks. Recent events in the 2026 Middle East conflict show how compromised surveillance, coordinated cyberattacks, and DDoS campaigns are changing
A supply chain attack campaign attributed to the TeamPCP threat group marks one of the most consequential and fast-moving compromises of modern software development infrastructure. The attackers targeted trusted developer tools and open-source ecosystems. This campaign showed how a single foot
The emergence of VoidStealer marks a significant evolution in the infostealer malware landscape. It demonstrates how quickly threat actors adapt to defensive innovations. By using a novel debugger-based technique to bypass Google Chrome's Application-Bound Encryption (ABE), VoidStealer highlights th
A newly uncovered iOS exploitation framework called DarkSword is reshaping the mobile threat landscape. It signals a shift from targeted espionage tools to scalable, multipurpose attack infrastructure. Joint research from Google Threat Intelligence Group (GTIG) and Lookout shows how advanced exploit
A financially motivated threat actor is leveraging deceptive websites and weaponized software installers to steal corporate VPN credentials, underscoring the rising sophistication of social-engineering-based cyber intrusions. Security researchers recently uncovered a campaign in which attackers dis
Cybercriminals continue to refine mobile malware campaigns by blending social engineering, financial fraud, and covert resource exploitation into a single attack chain. A newly identified Android malware strain, BeatBanker, demonstrates this evolution by combining banking Trojan capabilities, crypto
Cybercriminals are increasingly exploiting the popularity of AI development tools to distribute malware through sophisticated social engineering campaigns. Security researchers recently uncovered a new attack technique, InstallFix, that leverages fake installation guides for popular command-line too