ThreatsDay Bulletin: GhostAd Drain, macOS Attacks, Proxy Botnets, Cloud Exploits, and 12+ Stories
The first ThreatsDay Bulletin of 2026 lands on a day that already feels symbolic — new year, new breaches, new…
Cyber Security
RondoDox Botnet Exploits Critical React2Shell Flaw to Hijack IoT Devices and Web Servers
Cybersecurity researchers have disclosed details of a persistent nine-month-long campaign that has targeted Internet of Things (IoT) devices and web…
How To Browse Faster and Get More Done Using Adapt Browser
As web browsers evolve into all-purpose platforms, performance and productivity often suffer. Feature overload, excessive background processes, and fragmented workflows…
Sunken Ships: Will Orgs Learn From Ivanti EPMM Attacks?
The April/May zero-day exploitations of Ivanti’s mobile device management platform meant unprecedented pwning of thousands of orgs by a Chinese…
Trust Wallet Chrome Extension Hack Drains $8.5M via Shai-Hulud Supply Chain Attack
Trust Wallet on Tuesday revealed that the second iteration of the Shai-Hulud (aka Sha1-Hulud) supply chain outbreak in November 2025…
DarkSpectre Browser Extension Campaigns Exposed After Impacting 8.8 Million Users Worldwide
The threat actor behind two malicious browser extension campaigns, ShadyPanda and GhostPoster, has been attributed to a third attack campaign…
When the Cloud Rains on Everyone’s IoT Parade
What happens to all of those always-connected devices and Internet of Things when the cloud goes down? Disruptions to sleep,…
Identity Security 2026: Four Predictions and Recommendations
Agentic AI adoption and identity security risks, IGA expands in mid-market, SOC-identity team collaboration, and identity platform consolidation—this 2026 predictions…
Contrarians No More: AI Skepticism Is on the Rise
Concerns about an economic bubble bursting, along with doubts regarding return on investment, suggest the tide may be turning for…
IBM Warns of Critical API Connect Bug Allowing Remote Authentication Bypass
IBM has disclosed details of a critical security flaw in API Connect that could allow attackers to gain remote access…