ALL POSTS

Key Findings Apple is sending lock screen warnings to users with outdated iOS and iPadOS versions alerting them to active web-based exploits Exploit kits Coruna and DarkSword are actively targeting iOS versions 13 through 18.7, capable of stealing sensitive data through malicious links or compromised websites Users on iOS 13-14 must upgrade to iOS 15 and install critical security updates; iOS 15-16 devices received patches on March 11, 2026 Coruna shares code similarities wit

Key Findings WatchGuard researchers identified a phishing campaign targeting Venezuelan companies using malicious SVG image files BianLian ransomware group deploying malware via fake invoice attachments with Spanish filenames Attack chain uses ja.cat link shortening service to redirect through compromised Brazilian domains Malware written in Go language includes anti-analysis capabilities and high-speed AES encryption Campaign infrastructure includes four suspicious domains c

Here's the article in the requested format: Key Findings * Malicious Windsurf IDE extension targeting software developers * Uses Solana blockchain to retrieve encrypted malware instructions * Selectively avoids targeting systems with Russian connections * Steals passwords and browser session cookies * Creates persistent hidden task for continued system access Background A new cybersecurity threat has emerged targeting software developers through a sophisticated malware campai

Key Findings * GlassWorm campaign identified targeting developers through 72 malicious Open VSX extensions * Uses sophisticated supply-chain attack technique exploiting extension dependencies * Targets development environments to steal secrets and compromise systems * Employs advanced obfuscation and evasion techniques * Spans multiple platforms including Open VSX, GitHub, and npm registries Background The GlassWorm campaign represents an evolving threat in software supply ch