Attackers from the Atomic Arch campaign infiltrate over 1,500 orphaned AUR packages with eBPF-based rootkits for credential theft, prompting Arch Linux to halt new account registrations.
OP-512 is the fourth China-linked group in 12 months to attack IIS servers, employing three proprietary web shells with cryptographic controls and automated callback functionality.
Three vulnerabilities in Fortinet FortiSandbox (CVE-2026-39813, CVE-2026-39808, CVE-2026-25089) are being actively exploited; two were patched since April 2026, the newest only a week old.
Microsoft’s benchmarking shows only marginal added value (under 0.05%) for additional email security tools, but experts emphasize that a percentage figure does not reveal the full risk picture and a single missed threat can be critical.
Cyber resilience is becoming a strategic business question, requiring CISOs to assume business responsibility and integrate regulatory requirements into governance processes.
At least 15 malicious plugins in the JetBrains Marketplace were designed to steal AI API keys from developers and gain access to internal corporate services.
Outsider, a Chinese phishing network, abused Gemini to mass-produce fraudulent SMS messages and websites, caused $1.9 billion in damages, and was shut down through U.S. law enforcement action.