Home

Outpost24 faced an advanced 7-stage phishing attack targeting a C-level executive. Orchestrated using the Kratos phishing-as-a-service kit, it exploited reputable brands and elaborate tactics to bypass security layers. Ironically, Outpost24’s own threat intelligence detected the attempted breach before any damage occurred, highlighting even defenders aren’t exempt from threats…

Storm-2561 spoofs VPN sites to steal corporate logins by pushing fake downloads via SEO poisoning. Targeting Ivanti, Cisco, and Fortinet users, the campaign uses side-loading to deploy malware, bypassing security tools. Microsoft exposed this in January 2026, urging organizations to act swiftly to prevent credential compromise…

Poland’s National Centre for Nuclear Research faced a cyberattack in March 2026. Authorities blocked the intrusion, initially linking it to Iran. Experts caution against false flag operations and stress the vulnerability of nuclear facilities. Learn how critical infrastructure can protect itself against rising cyber threats…

Iran-linked hackers targeted Stryker, a U.S. medical device company, marking the first major cyberattack since the Iran-U.S. conflict began. The group Handala claimed responsibility, causing disruptions globally. As tensions escalate, Western organizations face increased risks, signaling the start of a broader cyber campaign…

The critical n8n RCE vulnerability, CVE-2025-68613, is being actively exploited, exposing over 24,700 instances. CISA has listed it in the KEV catalog, urging immediate patching. With a CVSS score of 9.9 to 10.0, this flaw demands urgent attention from users to protect their systems from compromise…

Telus Digital confirmed a massive breach after hackers claimed to steal nearly 1 petabyte of data. Exploiting Google Cloud Platform credentials, they accessed critical systems. If your business uses Telus, your customer data may be at risk. This breach highlights third-party vendor risks…