Cybercriminals are now exploiting AdaptixC2, a tool initially designed for ethical hacking, in widespread ransomware activities. This free adversarial emulation framework has become a favorite among digital miscreants, with detection signatures linking it to CountLoader. AdaptixC2 is proving that even the best-laid security tools can go rogue.

Hackers are targeting finance executives with LinkedIn phishing attacks, posing as executive board invites to steal Microsoft credentials. The campaign cleverly uses fake LinkedIn messages to lure victims into a web of redirects and fake login pages. Stay cautious of unsolicited messages offering business opportunities and always verify the legitimacy of such offers.

CISA and NSA’s guidance on hardening Microsoft Exchange servers is like the cybersecurity version of Marie Kondo—declutter outdated systems, embrace best practices, and spark joy by reducing attack surfaces. They recommend decommissioning end-of-life Exchange servers to avoid becoming a hacker’s favorite playground. Because nothing says “welcome” like an unpatched server!

A severe vulnerability in Chromium’s Blink engine, dubbed Brash, can crash browsers like Google Chrome, Microsoft Edge, and others in seconds. Exploiting DOM operations, it bombards the browser with millions of updates, causing chaos. Mozilla Firefox and Apple Safari remain blissfully immune to Brash’s crashing party.

Spektrum Labs has launched from stealth mode with its Spektrum Fusion platform, using AI agents to prove cyber resilience with cryptographic evidence. Having secured $10 million in seed funding, the platform validates security posture, integrates with third-party solutions, and offers early access applications at no initial cost.

PhantomRaven strikes npm registry with invisible menace! This supply chain attack uses sneaky Remote Dynamic Dependencies to fetch malicious code on installation. With over 86,000 downloads, it’s a developer’s nightmare hidden in plain sight. Watch out for those oddly innocent package names—your credentials depend on it!

Reflectiz, the web exposure management firm, just raised $22 million in Series B funding, bringing their total to $28 million. Led by Fulcrum Equity Partners, this round will help Reflectiz expand globally and enhance their platform’s capabilities. They’re on a mission to tackle the hidden dangers of third-party tools.

Conduent is notifying 4.5 million people about a data breach involving stolen personal information, including names and Social Security numbers. In a plot twist, the company chose not to offer free identity theft protection services. Instead, they suggest a DIY approach: free credit reports and security freezes. Who needs protection when you have a to-do…

Shadow AI is the rebellious sibling of shadow IT, sneaking into workplaces with unauthorized AI tools. According to the 1Password 2025 Annual Report, 27% of employees have dabbled with unapproved AI, proving that even in the tech world, rules are meant to be bent—especially when productivity is on the line.

Security isn’t about design, it’s about reaction. At the Picus Breach and Simulation (BAS) Summit, experts emphasized that effective cyber defense means validating responses, not just ticking boxes. BAS stress-tests reactions in real time, proving if defenses work or not. It’s no longer about belief—it’s about proof.

Aembit IAM for Agentic AI is redefining enterprise AI security—giving each AI agent its own verified identity while securing sensitive systems with Blended Identity and the MCP Identity Gateway. Say goodbye to shared credentials and hello to auditable, secure access. It’s like giving AI agents a backstage pass, but with a bouncer checking every move!

Hacktivists have taken the thrill-seeking route, breaching Canadian critical infrastructure systems just for the headlines. From water facilities to farm silos, they’ve caused chaos without sophisticated tools. The Canadian Centre for Cyber Security warns that oversight is weakest in local utilities. Remember, it’s not just the pipes—it’s Canada’s reputation on the line!

Hacktivists are turning cyber pranks into full-blown chaos by targeting internet-exposed industrial control systems. From tampering with water pressure valves to triggering false alarms, they’re giving CISOs a new reason to lose sleep. The Canadian Centre for Cyber Security warns: don’t let poorly secured ICS devices become a hacker’s playground!

Microsoft 365 companion apps are getting a Copilot upgrade! Currently, Copilot assists in People and Files, but soon it’ll join Calendar. These productivity sidekicks are exclusive to enterprises, giving workplace access right from the taskbar. So, if you’re using Microsoft 365 Personal, you’ll have to wait for your AI-powered butler.

Adaptix, a legitimate penetration testing tool, is now delivering malware, courtesy of Russian-linked ransomware groups. Silent Push’s research shows how quickly cybercriminals flip security tools for nefarious purposes. Adaptix has become the new hacker favorite, following in the dubious footsteps of Cobalt Strike.

Over 130 malicious NPM packages have been downloaded about 100,000 times. These packages use the NPM postinstall hook to deploy information stealers. Dubbed PhantomRaven, this campaign cleverly hides its malicious intent and targets developers with typosquatting and AI-suggested package names.

Proton’s Data Breach Observatory has unearthed over 300 million compromised records on the dark web this year. SMBs, particularly in retail, have been prime targets. The new service aims to spotlight breaches and alert affected parties promptly. It’s like having a digital watchdog, sniffing out cyber trouble before it bites!

Cloud Atlas is back in action, targeting Russia’s agricultural sector with an old 2023 exploit. Using booby-trapped Word documents, they deliver the VBShower backdoor. This adaptable threat actor has been active since 2014, increasing attacks on Russia and Belarus in 2025. Other groups like GOFFEE and PhantomCore are also in the mix.

PhantomRaven is a crafty software supply chain attack targeting the npm registry with over 100 malicious packages. By exploiting Remote Dynamic Dependencies, attackers cleverly hide their code, making it invisible to security scanners. Developers beware! These packages are stealthier than a ninja in a library.

People’s Postcode Lottery players got a surprise peek at others’ personal info due to a technical glitch. Instead of winning numbers, users saw names and addresses. PPL swiftly pulled the site offline, ensuring no more accidental prize draws for privacy breaches. They’re now offering free Experian credit monitoring to those affected.