Advertisement

CVE-2026-48558: SimpleHelp OIDC Authentication Bypass & Malware
Threat actors are actively exploiting CVE-2026-48558, a critical SimpleHelp OpenID Connect authentication bypass vulnerability, to deploy TaskWeaver and Djinn Stealer

WhatsApp VBScript Campaign Installs ManageEngine RMM — Technical Guide
Attackers are targeting WhatsApp Desktop users with malicious VBScripts to install ManageEngine RMM, enabling unauthorized remote access and control.
UNC3753 Targets US Law Firms with Vishing & Physical Intrusions
UNC3753 (Luna Moth) leverages vishing and physical office intrusions to steal sensitive data from US law firms and professional services, leading to swift extortion.

Stealthy Phishing Abuses ConnectWise ScreenConnect, AnyDesk RMM
Attackers leverage legitimate RMM tools like ConnectWise ScreenConnect and AnyDesk in a sophisticated phishing campaign, impacting over 80 organizations and evading