North Korea’s Labyrinth Chollima, one of the regime’s most active cyber threat actors, has recently been reclassified by researchers into three distinct but related hacking groups. This restructuring, identified by cybersecurity firm CrowdStrike, shows how North Korea is professionalizing and specializing its offensive cyber operations. What was once tracked under a single name is now…
President Trump’s second term has ramped up immigration enforcement, with ICE leading mass deportations exceeding 350,000 people in the past year. Raids target homes, workplaces, and parks, sparking protests nationwide. ICE relies on advanced surveillance tech to track and identify targets, often pushing legal boundaries like warrantless home entries, which experts argue breach Fourth Amendment…
The gap between identity and data security is shrinking fast, creating major headaches for cybersecurity teams. A recent Netwrix report warns that by 2026, attackers will scale identity attacks to breach data defenses, especially as agentic AI takes center stage. This convergence means identity workflows like provisioning, token checks, and privilege controls directly guard sensitive…
CISA added CVE 2024 37079, a severe VMware vCenter Server vulnerability, to its Known Exploited Vulnerabilities catalog on January 23, 2026, confirming active real world attacks. This heap based buffer overflow allows unauthenticated remote code execution, posing major risks to enterprise virtualization environments. What Makes CVE 2024 37079 Dangerous This critical flaw carries a CVSS…
A freshly discovered strongmalicious PyPI package strong is impersonating SymPy, the go-to library for symbolic math in Python. This sneaky upload deceives developers into installing it, unleashing an XMRig cryptocurrency miner on Linux machines. Dubbed sympy dev and uploaded January 17, 2026, it has snagged over 1,100 downloads in days. Such strong malicious PyPI tactics…
A new cybersecurity campaign shows how attackers are skipping custom malware altogether and instead abusing trusted tools like Remote Monitoring and Management (RMM) software to gain long term access to victim systems. In this dual phase attack, hackers first steal email credentials through a phishing campaign, then use those logins to silently install and control…
The UK’s National Health Service (NHS) has issued a clear, firm open letter to its suppliers: if you provide systems and services to the NHS, your cybersecurity cannot be an afterthought anymore. In a move to strengthen the entire health and social care ecosystem, NHS leaders are now planning direct, risk‑focused conversations with suppliers, pushing…
Artificial intelligence ruled 2025, and it is already setting the stage for the future of cybersecurity in 2026. Despite these risks, AI will not just empower attackers; it will also become a powerful ally for defenders and a core pillar of the future of cybersecurity. Businesses that successfully harness AI-driven detection, response, and automation will be better positioned to anticipate threats rather than simply react to them. Experts predict that 2026 will…
