threat-intelligence

MuddyWater pays for Russian CastleRAT malware

• malware
• threat-intelligence

MuddyWater pays for Russian CastleRAT malware

SC Staff April 13, 2026

According to JUMPSEC researchers, the operation hinges on a misconfigured command-and-control server that exposed both custom Iranian...

Read More Read more about MuddyWater pays for Russian CastleRAT malware

GlassWorm uses Zig binary to infect multiple IDEs

• threat-intelligence

GlassWorm uses Zig binary to infect multiple IDEs

SC Staff April 13, 2026

A stealthy new iteration of the GlassWorm campaign is infiltrating developer environments by weaponizing a counterfeit Visual...

Read More Read more about GlassWorm uses Zig binary to infect multiple IDEs

ShinyHunters claims Rockstar Games data breach via Snowflake and Anodot

• data-security
• threat-intelligence

ShinyHunters claims Rockstar Games data breach via Snowflake and Anodot

SC Staff April 13, 2026

The ShinyHunters group alleges that the breach was facilitated through Anodot, a SaaS platform for cloud cost...

Read More Read more about ShinyHunters claims Rockstar Games data breach via Snowflake and Anodot

We catch up on the news, including AI vuln hunting; also more RSAC interviews! – Mark Lambert, Samuel Hassine, John Wilson, Georges Bossert – ESW #454

• ai-benefitsrisks
• soc
• threat-intelligence

We catch up on the news, including AI vuln hunting; also more RSAC interviews! – Mark Lambert, Samuel Hassine, John Wilson, Georges Bossert – ESW #454

Adrian Sanabria April 13, 2026

Read More Read more about We catch up on the news, including AI vuln hunting; also more RSAC interviews! – Mark Lambert, Samuel Hassine, John Wilson, Georges Bossert – ESW #454

US Treasury to offer free cybersecurity intelligence to crypto firms

• threat-intelligence

US Treasury to offer free cybersecurity intelligence to crypto firms

SC Staff April 10, 2026

The U.S. Treasury Department's Office of Cybersecurity and Critical Infrastructure Protection has unveiled a new cyber threat...

Read More Read more about US Treasury to offer free cybersecurity intelligence to crypto firms

Advanced STX RAT sets sights on financial services industry

• malware
• threat-intelligence

Advanced STX RAT sets sights on financial services industry

SC Staff April 10, 2026

Advanced STX RAT sets sights on financial services industry Infosecurity Magazine reports that highly sophisticated tactics have...

Read More Read more about Advanced STX RAT sets sights on financial services industry

Hacker faux pas uncloaks North Korean IT worker scheme

• threat-intelligence

Hacker faux pas uncloaks North Korean IT worker scheme

SC Staff April 10, 2026

North Korea had one of its IT worker scams' secrets unravel after a hacker inadvertently executed information-stealing...

Read More Read more about Hacker faux pas uncloaks North Korean IT worker scheme

Report: US accounts for most PLCs subjected to Iranian targeting

• ot-security
• threat-intelligence

Report: US accounts for most PLCs subjected to Iranian targeting

SC Staff April 10, 2026

Almost 3,900, or nearly 75%, of 5,219 internet-exposed Rockwell Automation/Allen-Bradley programmable logic controllers used in critical infrastructure...

Read More Read more about Report: US accounts for most PLCs subjected to Iranian targeting

New Lua malware LucidRook targets Taiwanese NGOs

• malware
• threat-intelligence

New Lua malware LucidRook targets Taiwanese NGOs

SC Staff April 10, 2026

The attacks, discovered in October 2025, utilize RAR or 7-Zip archives with lures to deliver a dropper...

Read More Read more about New Lua malware LucidRook targets Taiwanese NGOs

Adobe Reader zero-day exploit used in months-long cyber campaign

• security-operations
• threat-intelligence
• vulnerability-management

Adobe Reader zero-day exploit used in months-long cyber campaign

SC Staff April 10, 2026

Cybersecurity researcher Haifei Li discovered a malicious PDF that prompted a call for community analysis due to...

Read More Read more about Adobe Reader zero-day exploit used in months-long cyber campaign