A new phishing-as-a-service offering called Starkiller uses disguised links to load real login pages from target brands. It acts as a relay between victims and legitimate sites, forwarding usernames, passwords, and MFA codes to bypass security measures.
10 items from krebsonsecurity-com
The Kimwolf botnet controller known as "Dort" has coordinated DDoS attacks, doxing, and email flooding against security researchers, including sending a SWAT team to a researcher's home. This analysis examines what public information reveals about Dort's identity and activities.
AI-based assistants that automate tasks and access user systems are growing in popularity among developers and IT workers. These powerful tools are rapidly shifting security priorities for organizations while blurring lines between trusted tools and potential threats.
Microsoft released security updates addressing 77 vulnerabilities across its software products. While no zero-day flaws were reported this month, some patches require prompt attention from Windows users. The updates are part of Microsoft's regular Patch Tuesday cycle.
An Iran-linked hacktivist group claims responsibility for a data-wiping attack on medical technology company Stryker. The company sent home over 5,000 workers in Ireland and is experiencing a building emergency at its U.S. headquarters.
U.S., Canadian and German authorities dismantled infrastructure behind four IoT botnets that compromised over three million devices. The botnets were responsible for record-breaking DDoS attacks capable of knocking targets offline.
A financially motivated data theft and extortion group has unleashed a worm that spreads through poorly secured cloud services. The malware wipes data on infected systems that use Iran's time zone or have Farsi set as the default language.
German authorities have identified 31-year-old Russian Daniil Maksimovich Shchukin as the hacker "UNKN" who led ransomware groups GandCrab and REvil. He is accused of carrying out at least 130 acts of computer sabotage and extortion against German victims between 2019 and 2021.
Russian military intelligence hackers exploited vulnerabilities in older routers to steal Microsoft Office authentication tokens from over 18,000 networks without deploying malware. Security experts warned that the campaign allowed state-backed hackers to quietly siphon tokens.
Microsoft fixed 167 security vulnerabilities including a SharePoint Server zero-day and a publicly disclosed Windows Defender weakness. Google Chrome addressed its fourth zero-day of 2026, and Adobe Reader released an emergency update for an actively exploited flaw.