Intuitive Surgical, known for its robotic surgical systems, has disclosed a cyberattack that compromised some of its internal business applications. The breach occurred after an employee was targeted by a phishing attack, allowing unauthorized access to the company's systems. While the specific data accessed has not been detailed, this incident raises concerns about the security of sensitive information within the healthcare sector. As a leading provider of robotic surgery solutions, any disruption or potential data compromise could impact patient care and trust in their technologies. The company is likely reviewing its security protocols to prevent future incidents.
Latest Cybersecurity Threats
Franz Regul, the former Chief Information Security Officer for the Paris 2024 Olympics, addressed the unique cybersecurity challenges faced by the event, especially as it prepares for the upcoming games. With a focus on evolving threats, Regul implemented strategies to safeguard sensitive data and protect against potential attacks. As the Olympics draw nearer, the need for a strong cybersecurity framework becomes increasingly vital, particularly with the high-profile nature of the event attracting various malicious actors. The lessons learned from Paris 2024 will also inform security measures for the Milan Cortina 2026 Olympics, aiming to create a safer environment for athletes and spectators alike. This proactive approach to cybersecurity underscores the importance of preparedness in large-scale events.
SecurityWeek
The RondoDox botnet has ramped up its operations, now targeting 174 different vulnerabilities and reaching a peak of 15,000 exploitation attempts each day. This botnet is adopting a more focused strategy, which raises concerns for organizations as it indicates a shift towards exploiting specific weaknesses rather than a broader, less efficient approach. The increase in targeted attacks could impact a wide range of systems and software that have these vulnerabilities, potentially leading to data breaches or system compromises. Companies and IT teams need to be vigilant and proactive in securing their systems against these threats to prevent exploitation. It’s crucial for affected organizations to review their security posture and apply necessary patches or updates.
Help Net Security
The European Union has imposed sanctions on a Chinese company linked to a significant cyberattack that compromised approximately 65,000 devices. This action is part of a broader effort to address cyber threats from entities in China and Iran, which have been targeting EU member states and their partners. As a result of the sanctions, the affected companies and individuals will face asset freezes, travel bans, and restrictions on financial transactions with EU citizens and businesses. This move aims to hold accountable those responsible for cyberattacks and to deter future incidents. The situation underscores the ongoing cybersecurity challenges faced by nations and the need for coordinated international responses to cyber threats.
Security Affairs
Since 2020, a Chinese-linked hacking group known as CL-STA-1087 has been targeting military organizations in Southeast Asia. This group has utilized two types of malware, named AppleChris and MemFun, to carry out its espionage activities. The group's operations show a calculated approach, focusing on gathering specific intelligence rather than conducting widespread attacks. This ongoing campaign raises concerns about the security of military data in the region and highlights the risks posed by state-sponsored cyber espionage. The implications of such targeted attacks could undermine national security and diplomatic relations in Southeast Asia.
Hackread – Cybersecurity News, Data Breaches, AI and More
GitGuardian has reported a significant increase in the number of sensitive data leaks related to AI services, revealing that around 29 million secrets were publicly exposed on GitHub. This represents an 81% surge compared to previous records. These leaks often include API keys, passwords, and other confidential information that can be exploited by malicious actors. The findings raise concerns about the security practices of developers and organizations using AI tools, as these leaks can lead to unauthorized access and data breaches. Companies need to adopt stronger security measures to safeguard their sensitive information and prevent further exposure.
Infosecurity Magazine
A recent report by Armis indicates a significant rise in cyberattacks from nation-state actors targeting UK businesses. The concept of 'mutually assured disruption,' which previously discouraged such attacks, appears to be losing its effectiveness. This shift raises concerns about the potential for increased cyber warfare, putting numerous companies at risk. The report suggests that many firms may not be adequately prepared for these state-backed threats, which could lead to severe disruptions in operations and data security. As tensions rise globally, businesses in the UK need to bolster their cybersecurity measures to defend against these evolving risks.
Akamai has issued a warning about a new wave of cyberattacks that combine Layer 7 DDoS attacks, API abuse, and AI-driven tactics. These coordinated assaults are becoming more sophisticated and are increasingly difficult for organizations to detect and defend against. The blending of these attack vectors means that traditional defenses may not be sufficient, putting many companies at risk. As attackers enhance their methods, it's crucial for businesses to stay informed and adapt their security strategies accordingly. This trend could affect a wide range of industries, making it essential for companies to prioritize their cybersecurity measures.
Infosecurity Magazine
According to a report from Akamai, API attacks have surged by 113% over the past year, marking a significant rise in the frequency of these incidents. The report reveals that a staggering 87% of organizations experienced at least one security issue related to APIs last year. This increase in API attacks poses serious risks, as APIs are critical for modern applications and are often targeted for sensitive data. The findings indicate that companies need to bolster their security measures to protect against these growing threats, as attackers are increasingly exploiting vulnerabilities in API implementations. With the rise of digital services, ensuring the security of APIs has become essential for safeguarding both organizational data and user information.
Quantum computing has the potential to disrupt current encryption methods, putting sensitive data at risk. Experts warn that organizations need to start shifting to post-quantum cryptography to safeguard against future threats, particularly the 'harvest now, decrypt later' strategy used by attackers. This approach allows adversaries to collect encrypted data today and decrypt it later when quantum computers become powerful enough. Without proactive measures, businesses could face significant security vulnerabilities as quantum technology advances. Transitioning to new cryptographic standards is essential to protect data integrity and confidentiality in the coming years.
Researchers have discovered a long-running cyberespionage campaign linked to Chinese hackers targeting military organizations in Southeast Asia. The attackers utilized advanced backdoor techniques and traditional evasion methods to maintain ongoing access to these sensitive networks. This campaign has raised concerns about the security of military operations and the potential for sensitive information to be compromised. The infiltration has reportedly been active for years, indicating that these hackers have been able to operate undetected for an extended period. This situation highlights the ongoing cybersecurity challenges faced by military organizations in the region and the need for enhanced defenses against such sophisticated threats.
SCM feed for Latest
The GlassWorm supply chain attack campaign has escalated, involving dozens of malicious Open VSX extensions and over 150 compromised GitHub repositories, according to reports from The Hacker News. This campaign targets software development environments, potentially affecting developers who use these extensions and repositories for their projects. By infiltrating trusted sources, attackers can distribute malicious code that may compromise the integrity of software development processes. Users and organizations relying on these platforms need to be vigilant and ensure their systems are secure to mitigate the risk of infection. The widespread nature of this attack highlights the growing threat to software supply chains and the need for heightened security measures in development practices.
SCM feed for Latest
According to Field Effect's 2026 Cyber Threat Outlook, compromised cloud identities were responsible for over 80% of the incident alerts investigated in 2025. This significant statistic indicates that attackers are increasingly targeting cloud services to gain unauthorized access. The shift in focus toward cloud identity compromises suggests that organizations need to bolster their security measures around these services. Companies that rely heavily on cloud infrastructure should prioritize identity management and implement stronger authentication processes to mitigate risks. This trend emphasizes the critical need for ongoing vigilance in cybersecurity practices as attackers adapt their strategies.
SCM feed for Latest
Microsoft has released an out-of-band update to address three vulnerabilities in Windows 11's Routing and Remote Access Service (RRAS). The vulnerabilities, identified as CVE-2026-25172, CVE-2026-25173, and CVE-2026-26111, could potentially allow remote code execution when users connect to a malicious server. This is a serious concern as it could enable attackers to execute harmful code on affected systems. Users of Windows 11 should ensure they apply the latest updates to protect their devices from these risks. The prompt release of this patch reflects the urgency in addressing vulnerabilities that can be exploited remotely, highlighting the need for users to stay vigilant about software updates.
Hackread – Cybersecurity News, Data Breaches, AI and More
The FBI has issued a warning to gamers about malware embedded in certain Steam games that has been stealing sensitive browser data and draining cryptocurrency wallets. This malicious activity reportedly took place between May 2024 and January 2026, affecting users who downloaded these compromised games. The malware exploits vulnerabilities to access personal information, making it a significant concern for the gaming community, especially as the popularity of cryptocurrencies continues to rise. Gamers are advised to be cautious about the games they download and to monitor their cryptocurrency accounts for any unusual activity. This incident underscores the need for heightened security awareness among gamers.