April 20, 2026

ZionSiphon Malware Targets Israel’s Water Supply

A newly discovered piece of malware is raising serious alarms about the security of critical water infrastructure. Called ZionSiphon malware, it was built with one goal: to infiltrate and sabotage water treatment and desalination systems in Israel. Researchers at AI-powered cybersecurity firm Darktrace uncovered the threat and published a detailed analysis of its capabilities, its targets, and the political messaging

April 17, 2026

AgingFly Malware Hits Ukrainian Hospitals and Government

A newly discovered threat called AgingFly malware has been striking Ukrainian hospitals, emergency services, and local government bodies in a campaign that ran from March through April 2026. The attacks, identified by Ukraine's Computer Emergency Response Team (CERT-UA), are designed to steal login credentials, extract sensitive data from messaging apps, and hand attackers full remote control over infected systems. The

April 16, 2026

Storm Infostealer Hijacks Sessions Without Touching Passwords

A new malware called Storm infostealer appeared on criminal underground markets in early 2026, and it works differently from anything most security tools are built to catch. Instead of decrypting stolen browser data on the victim's machine, Storm ships the encrypted data to attacker-controlled servers and decrypts it there. Defenders have no visibility into that infrastructure. By the time the

April 15, 2026

LucidRook Malware Targets NGOs and Universities in Taiwan

A sophisticated new threat has appeared on the cybersecurity research community's radar. LucidRook malware is the name researchers have given to a newly identified tool used in highly targeted spear-phishing attacks against non-governmental organizations and universities in Taiwan. The attacks, first observed in October 2025, were not the work of opportunistic criminals. They bear the hallmarks of a disciplined, well-resourced

April 14, 2026

VENOM Phishing Campaign Targets Executives, Bypasses MFA

A sophisticated new phishing operation is going after the people at the top. The VENOM phishing campaign, uncovered by researchers at Abnormal AI, has been quietly targeting CEOs, CFOs, and other senior executives since at least November 2025. It uses a purpose-built platform to steal Microsoft 365 credentials and maintain access to corporate accounts — even after victims change their

April 13, 2026

Bitcoin Depot Data Breach: $3.6M in Bitcoin Stolen

The Bitcoin Depot data breach has put one of North America's largest crypto ATM operators in the spotlight for all the wrong reasons. Hackers broke into the company's internal systems and walked away with approximately 50.9 Bitcoin — worth around $3.665 million — from corporate settlement accounts. The company disclosed the incident via an SEC filing on April 8, 2026,

April 10, 2026

Eurail Confirms 308,000 Affected in December Data Breach

A data breach at European rail pass provider Eurail B.V. has compromised the personal information of 308,777 people worldwide. The Eurail data breach began on December 26, 2025, when an unauthorized actor accessed the company's systems and transferred files containing sensitive customer data. The stolen records have since appeared for sale on the dark web, making this one of the

April 7, 2026

Drift Protocol Hack: North Korea’s $280M Long Con

The Drift Protocol hack stands as one of the most elaborate cryptocurrency thefts ever recorded. Attackers did not find a bug, write an exploit, and strike overnight. They spent six months building relationships, attending conferences, depositing real money, and embedding themselves inside a live trading platform before making their move. What Is Drift Protocol? Drift Protocol is a decentralized trading

April 6, 2026

Fake Claude Code Repos on GitHub Are Spreading Malware

Anthropic's accidental leak of the Claude Code source code on March 31 set off a frenzy of downloads across GitHub. Developers, researchers, and the simply curious all rushed to grab the exposed files. Criminals saw that rush and moved fast. Within 24 hours, fake GitHub repositories carrying Claude Code malware were live — and actively appearing in Google search results

April 3, 2026

NoVoice Malware Hits 2.3 Million Android Devices via Google Play

A new Android rootkit campaign called NoVoice malware has been discovered hiding inside more than 50 apps on Google Play. The apps collected at least 2.3 million downloads before being removed. Researchers warn that millions of devices may still be compromised. What Is NoVoice Malware? NoVoice malware is a rootkit. That means it burrows into the deepest layers of a
