From The Aether

HttpTroy or HttpAnnoy? Kimsuky’s Sneaky New Backdoor Targets South Korea

Kimsuky strikes again with HttpTroy, a new backdoor designed to make even the most seasoned IT professionals break into a nervous sweat. Disguised as a VPN invoice, it infiltrates systems like a stealthy ninja, executing commands, capturing screenshots, and transferring files—all while keeping South Korean cybersecurity experts on their toes.

2 months ago

Ghost Network Exposed: CPR and Google Team Up to Bust Malware’s Video Menace!

Check Point Research has unmasked the Ghost Network, a cunning malware operation that turned malicious video production into an art form. With a role-based structure, it hijacks YouTube channels to distribute malware-laden tutorials. Pro tip: If Bob Ross isn’t teaching Photoshop, it’s probably a trap!

2 months ago

Europe’s Power Grid: A Comedy of Errors or a Crisis Waiting to Happen?

Is critical infrastructure prepared for OT ransomware? Not quite. Europe’s power sector coordination is more fragmented than a cookie in a blender, and outdated systems are as secure as a screen door on a submarine. As cyberattacks ramp up, power stations need a shared language—or at least a translator app—to handle crises effectively.

2 months ago

Kansas City’s Dirty Little Secret: Police Misconduct List Spilled in Hack!

Operation Sticky Fingers sounds like a heist movie, but it was a sting operation that caught Kansas City cops with sticky fingers. A hack exposed the department’s secret Giglio List, revealing officer misconduct ranging from stealing video games to swiping crab legs. Turns out, some cops were more Grand Theft Auto than Law & Order.

2 months ago

BPO Beware: Airstalk Malware Airs Your Dirty Laundry in Supply Chain Attacks!

A suspected Chinese state-sponsored threat actor, CL-STA-1009, is making headlines with its AirWatch API-abusing malware, Airstalk. Targeting business process outsourcing entities, this covert operation uses sneaky tactics and stolen certificates. It’s like cybercriminals went to hacking comedy school and graduated with honors—minus the diploma and cap and gown.

2 months ago

Corked Criminal: Ukrainian Hacker’s Ransomware Reign Ends with US Extradition

A Ukrainian man extradited from Ireland faces charges in the US for his alleged role in the infamous Conti ransomware operation. His extradition highlights the global cybercrime fight. Note to aspiring cybercriminals: if you’re planning to scheme with Conti, remember the FBI and Irish police are not exactly fans of your work.

2 months ago

Windows 11 Task Manager Bug: The Update That Just Won’t Quit!

Windows 11 Task Manager has become the guest that won’t leave. After the October 2025 update, hitting “Close” just makes it hide better, causing performance issues. Until Microsoft fixes this, users might need to get creative with command prompts to show Task Manager the door.

2 months ago

Ransomware Rampage: UK Leads Europe’s Cybercrime Surge with 13% Spike

Ransomware is on the rise in Europe, with the UK at the epicenter and “big-game hunting” attacks targeting top firms. CrowdStrike’s report highlights the digital danger zones, while violence-as-a-service adds a twist of real-world chaos. Who knew crime could be so tech-savvy and well-rounded?

2 months ago

Chrome 142: New Update Squashes Bugs and Boosts Security—$130K Bounty Bonanza!

Chrome 142 arrives with patches for 20 vulnerabilities, including seven high-severity flaws. While Google shelled out $100,000 in bug bounties for the top two, no rewards went to Google’s own AI agent, Big Sleep, for finding three high-severity bugs. Looks like AI is still waiting for its “Employee of the Month” plaque!

2 months ago

Conduent Catastrophe: 2025 Data Breach Hits Over 10 Million!

Conduent’s January 2025 breach exposed personal data of over 10 million people, including names, Social Security numbers, and health information. The breach, which affected multiple US states, led to significant costs but no major operational impacts. Conduent is offering free identity protection to those affected.

2 months ago

BADCANDY Chaos: Unpatched Cisco Devices Under Siege by Persistent Hackers

Australia’s Signals Directorate warns unpatched Cisco IOS XE devices are vulnerable to a known exploit, CVE-2023-20198, favored by the Salt Typhoon gang. Attackers install BADCANDY, a sneaky implant that detects and reinstalls itself upon removal. The fix? Patch those devices—or risk playing an endless game of malware whack-a-mole.

2 months ago

Hacker Gone Wild: UPenn’s Donor Data Breach Madness Exposes Security Flaws!

The University of Pennsylvania “We got hacked” email saga takes a wild turn as hackers claim they accessed data on 1.2 million donors. The breach, involving Penn’s systems and donor database, is no joke—except to the hackers who seem to have a bone to pick with “nepobaby-serving institutions.” Stay vigilant, Penn donors!

2 months ago

Russia Strikes Back: Meduza Stealer Developers Arrested After Fatal Blunder

Russia arrests the brains behind the Meduza Stealer MaaS operation. Discover how their ‘fatal error’ turned into a one-way ticket to the slammer.

2 months ago

Open VSX Token Tango: Malicious Extensions Unleashed in Comedic Supply Chain Flop

The Open VSX registry had to rotate access tokens after developers accidentally leaked them, allowing threat actors to publish malicious extensions. This led to a campaign dubbed “GlassWorm,” which hid malware in invisible Unicode characters. Thankfully, the Open VSX team acted swiftly, containing the threat faster than a squirrel on espresso.

2 months ago

Cyber Chaos: When Card Shufflers Get Hacked and Malware Mimics Humans!

Cybersecurity enthusiasts, rejoice! Pierluigi Paganini’s Security Affairs newsletter is back with a fresh round of international insights. From hacked card shuffling machines to Android malware mimicking human behavior, this edition has it all. Dive into tales of insider threats, ransomware dips, and how not to take BADCANDY from strangers!

2 months ago

Cisco Routers Get a Sweet Surprise: Beware the BadCandy Webshell!

The Australian Signals Directorate warns that the BadCandy webshell is not just a sweet name—it’s a sour cyber threat! Unpatched Cisco IOS XE devices are the target, with attackers exploiting CVE-2023-20198 for admin takeover. Patch up, or you might find yourself in a sticky situation!

2 months ago

Windows 11 Update: Copilot Hijacks Taskbar, Gamers Rejoice, and Bluetooth Gets Friendly

Windows 11 Build 26220.7051 is rolling out, featuring the new Ask Copilot taskbar tool. It’s like having a personal assistant but without the awkward small talk. Now, you can chat with Copilot directly from the taskbar, making search as easy as asking a friend who actually knows what they’re talking about.

2 months ago

Google’s AI Search: Get Ready for Ads with a Side of Personalization!

Google says AI Search will have ads, and they’re here to stay. Robby Stein from Google assures us ads will evolve with AI, offering context like matching shoes or booking allergy-friendly restaurants. So, while Google Ads aren’t leaving, they might just become your new AI-powered shopping buddy!

2 months ago

Windows 11 Update: Copilot Takes the Wheel, Gamers Rejoice, and Bluetooth Gets a Boost!

Ask Copilot on the taskbar is the star of Windows 11 Build 26220.7051, letting you chat with AI without lifting a browser finger. It’s like having a digital sidekick who won’t eat your snacks. Just enable it in Settings and feel your inner superhero emerge, minus the cape.

2 months ago

Bronze Butler Strikes Again: New Gokcpdoor Malware Exploits Critical Lanscope Flaw!

Bronze Butler exploited a Lanscope Endpoint Manager flaw to deploy Gokcpdoor malware, according to Sophos researchers. The cyber-espionage group used this vulnerability, CVE-2025-61932, to steal data before a patch was released. With no workarounds available, patching remains the best defense against these attacks.

2 months ago