Microsoft warns tax-season phishing hit 29,000 users via IRS lures, enabling credential theft and RMM-based access.

Hybrid identity gaps and high user turnover create orphaned accounts in universities, increasing attack surface and breach risk.

North Korean hackers exploit VS Code tasks.json auto-run since Dec 2025 to deploy StoatWaffle malware, stealing data and enabling remote control.

Trivy supply chain attack pushed malicious Docker images on March 22, enabling credential theft and worm spread, impacting cloud environments.

Bedrock attack vectors exploit permissions and integrations, enabling data theft, agent hijacking, and system compromise at scale.

CVE-2025-32975 exploited since March 2026 on unpatched KACE SMA systems, enabling admin takeover and payload delivery.

Telegram blocked 43M channels in 2025, but cybercrime persists as actors adapt, maintaining platform dominance and forcing continuous monitoring.

Oracle fixes CVE-2026-21992 (CVSS 9.8) flaw enabling unauthenticated RCE via HTTP, risking full system compromise.

Russian-linked phishing hits thousands of messaging accounts via fake support tactics, enabling impersonation and data access ...

Claude Code bypasses security controls by acting locally before monitoring, exposing data risks and audit gaps.

Google adds 24-hour sideloading delay amid 17 malware families in 4 months, reducing scam-driven installs and device compromise risk.

LeakNet uses ClickFix via compromised sites to gain access, enabling stealth attacks and scalable ransomware operations.