Available via Telegram, researchers warn ZeroDayRAT is a ‘complete mobile compromise toolkit’ comparable to kits normally requiring nation-state resources to develop. The post New ‘ZeroDayRAT’ Spyware Kit Enables Total Compromise of iOS, Android Devices appeared first on SecurityWeek.
Estimated to have infected 7,000 systems, the botnet uses a mass-compromise pipeline, deploying various scanners and malware. The post New ‘SSHStalker’ Linux Botnet Uses Old Techniques appeared first on SecurityWeek.
In 2023, the science fiction literary magazine Clarkesworld stopped accepting new submissions because so many were generated by artificial intelligence. Near as the editors could tell, many submitters pasted the magazine’s detailed story guidelines into an AI and sent in the results. And they weren’t alone. Other fiction magazines haveRead More »AI-Generated Text and the Detection Arms Race
January 5, 2026, Seattle, USA — ZAST.AI announced the completion of a $6 million Pre-A funding round. This investment came from the well-known investment firm Hillhouse Capital, bringing ZAST.AI’s total funding close to $10 million. This marks a recognition from leading capital markets of a new solution: ending the eraRead More »ZAST.AI Raises $6M Pre-A to Scale “Zero False Positive” AI-Powered Code Security
Affecting both RS and PRA, the bug can be exploited remotely via crafted requests without authentication. The post BeyondTrust Patches Critical RCE Vulnerability appeared first on SecurityWeek.
SmarterTools confirmed last week that the Warlock (aka Storm-2603) ransomware gang breached its network by exploiting an unpatched SmarterMail instance. The incident took place on January 29, 2026, when a mail server that was not updated to the latest version was compromised, the company’s Chief Commercial Officer, Derek Curtis, said.Read More »Warlock Ransomware Breaches SmarterTools Through Unpatched SmarterMail Server
The Netherlands’ Dutch Data Protection Authority (AP) and the Council for the Judiciary confirmed both agencies (Rvdr) have disclosed that their systems were impacted by cyber attacks that exploited the recently disclosed security flaws in Ivanti Endpoint Manager Mobile (EPMM), according to a notice sent to the country’s parliament onRead More »Dutch Authorities Confirm Ivanti Zero-Day Exploit Exposed Employee Contact Data
Fortinet has released security updates to address a critical flaw impacting FortiClientEMS that could lead to the execution of arbitrary code on susceptible systems. The vulnerability, tracked as CVE-2026-21643, has a CVSS rating of 9.1 out of a maximum of 10.0. “An improper neutralization of special elements used in anRead More »Fortinet Patches Critical SQLi Flaw Enabling Unauthenticated Code Execution
The funding was raised over Series A and seed funding rounds for its supply chain security solution. The post Lema AI Emerges From Stealth With $24 Million to Tackle Third-Party Risk appeared first on SecurityWeek.
The Cyber Security Agency (CSA) of Singapore on Monday revealed that the China-nexus cyber espionage group known as UNC3886 targeted its telecommunications sector. “UNC3886 had launched a deliberate, targeted, and well-planned campaign against Singapore’s telecommunications sector,” CSA said. “All four of Singapore’s major telecommunications operators (‘telcos’) – M1, SIMBA Telecom,Read More »China-Linked UNC3886 Targets Singapore Telecom Sector in Cyber Espionage Campaign
