ZionSiphon Malware Targets Israel’s Water Supply
A newly discovered piece of malware is raising serious alarms about the security of critical water infrastructure. Called ZionSiphon malware, it was built with one goal: to infiltrate and sabotage water treatment and desalination systems in Israel. Researchers at AI-powered cybersecurity firm Darktrace uncovered the threat and published a detailed analysis of its capabilities, its targets, and the political messaging
AgingFly Malware Hits Ukrainian Hospitals and Government
A newly discovered threat called AgingFly malware has been striking Ukrainian hospitals, emergency services, and local government bodies in a campaign that ran from March through April 2026. The attacks, identified by Ukraine's Computer Emergency Response Team (CERT-UA), are designed to steal login credentials, extract sensitive data from messaging apps, and hand attackers full remote control over infected systems. The
Storm Infostealer Hijacks Sessions Without Touching Passwords
A new malware called Storm infostealer appeared on criminal underground markets in early 2026, and it works differently from anything most security tools are built to catch. Instead of decrypting stolen browser data on the victim's machine, Storm ships the encrypted data to attacker-controlled servers and decrypts it there. Defenders have no visibility into that infrastructure. By the time the
LucidRook Malware Targets NGOs and Universities in Taiwan
A sophisticated new threat has emerged from the cybersecurity research community's radar. LucidRook malware is the name researchers have given to a newly identified tool used in highly targeted spear-phishing attacks against non-governmental organizations and universities in Taiwan. The attacks, first observed in October 2025, were not the work of opportunistic criminals. They bear the hallmarks of a disciplined, well-resourced
VENOM Phishing Campaign Targets Executives, Bypasses MFA
A sophisticated new phishing operation is going after the people at the top. The VENOM phishing campaign, uncovered by researchers at Abnormal AI, has been quietly targeting CEOs, CFOs, and other senior executives since at least November 2025. It uses a purpose-built platform to steal Microsoft 365 credentials and maintain access to corporate accounts — even after victims change their
Bitcoin Depot Data Breach: $3.6M in Bitcoin Stolen
The Bitcoin Depot data breach has put one of North America's largest crypto ATM operators in the spotlight for all the wrong reasons. Hackers broke into the company's internal systems and walked away with approximately 50.9 Bitcoin — worth around $3.665 million — from corporate settlement accounts. The company disclosed the incident via an SEC filing on April 8, 2026,
US Cybercrime Losses Record: $16.6 Billion Lost in FBI Report
Americans lost more money to cybercrime in 2024 than ever before. The FBI's Internet Crime Complaint Center received over 859,000 complaints last year, with reported losses reaching a record $16.6 billion — a 33% surge from the year before. The US cybercrime losses record reflects not just more attacks, but more damaging ones, with the average victim losing nearly $19,400.
Who Ran REvil Ransomware? Germany Finally Has Answers
For years, one of the most feared names in cybercrime belonged to no one — at least, no one with a face or a real identity. That changed this week. Germany's Federal Criminal Police Office, the Bundeskriminalamt (BKA), has publicly identified two Russian nationals as the men who ran both GandCrab and REvil ransomware — the criminal operations that extorted
Drift Protocol Hack: North Korea’s $280M Long Con
The Drift Protocol hack stands as one of the most elaborate cryptocurrency thefts ever recorded. Attackers did not find a bug, write an exploit, and strike overnight. They spent six months building relationships, attending conferences, depositing real money, and embedding themselves inside a live trading platform before making their move. What Is Drift Protocol? Drift Protocol is a decentralized trading
