Skip to content
inionline.net
  • Managed IT Support Services
  • Contact Us
inionline.net
  • Blog

    ⚡ Weekly Recap: Proxy Botnets, Browser Ransomware, AI Agent Tricks, Fake PoC Malware and More

    A streaming box should not need a threat model. Neither should a username field, a demo repo, a reset flow, or a browser permission prompt. That is the irritating part this week: the risky pieces were ordinary. Home devices became a routing cover. Clean code pulled dirt from a dependency. Identity shortcuts aged badly. AI…

    Read More ⚡ Weekly Recap: Proxy Botnets, Browser Ransomware, AI Agent Tricks, Fake PoC Malware and MoreContinue

  • Blog

    How to Evaluate an AI SOC Platform in 2026: 6 Capabilities That Separate Leaders from Bolt-On AI solutions

    Building a shortlist for an AI SOC evaluation can be tough. SIEM, SOAR, and pureplay AI SOC vendors are all saying the same thing. But behind the identical label sit very different products, from chat assistants bolted onto a legacy SIEM to agent platforms that run detection, triage, investigation, and response on their own data…

    Read More How to Evaluate an AI SOC Platform in 2026: 6 Capabilities That Separate Leaders from Bolt-On AI solutionsContinue

  • Blog

    Suspected China-Nexus Hackers Use Fake Indian Tax Filing Utility to Deploy DcRAT

    A suspected China-nexus threat activity cluster has been observed targeting Indian taxpayers, tax professionals, and corporate finance teams to deliver a remote access trojan designed to steal sensitive data from compromised hosts. The multi-stage campaign, codenamed Operation DragonReturn by Seqrite Labs, involves sending spear-phishing emails impersonating the Income Tax Department of India.

    Read More Suspected China-Nexus Hackers Use Fake Indian Tax Filing Utility to Deploy DcRATContinue

  • Blog

    New TrojPix Attack Leaks Data From Air-Gapped Systems via Video Cable Emissions

    Researchers at Shandong University have shown a fast new way to pull data off computers that are cut off from every network. The technique, called TrojPix, tweaks on-screen pixels in ways the eye cannot see, so that the video cable carrying them radiates a faint radio signal a nearby receiver can decode. But TrojPix works only once malware…

    Read More New TrojPix Attack Leaks Data From Air-Gapped Systems via Video Cable EmissionsContinue

  • Blog

    New Java-Based QuimaRAT MaaS Built to Run on Windows, Linux, and macOS

    Cybersecurity researchers have flagged a novel Java-based remote access trojan (RAT) called QuimaRAT that’s capable of targeting Windows, Linux, and macOS environments. According to LevelBlue, the cross-platform malware is advertised under a malware-as-a-service (MaaS) model, costing anywhere between $150 for one month to $1,200 for lifetime access. Other subscription tiers include $300 for

    Read More New Java-Based QuimaRAT MaaS Built to Run on Windows, Linux, and macOSContinue

  • Blog

    Opera GX Flaw Let Malicious Sites Auto-Install Mods to Steal Data From Visited Pages

    Researchers found a flaw in Opera GX, the gaming-focused version of the Opera browser, that let a malicious website silently install a browser add-on and use it to lift specific data from the pages a victim visits. In a proof of concept, they reconstructed a signed-in user’s full Gmail address from a single visit, with no…

    Read More Opera GX Flaw Let Malicious Sites Auto-Install Mods to Steal Data From Visited PagesContinue

  • Blog

    SkillCloak Lets Malicious AI Agent Skills Evade Static Scanners with Self-Extracting Packing

    Scanners meant to catch malicious add-on “skills” for AI coding agents can be fooled by a few simple changes that leave the malware working, according to a new study from researchers at the Hong Kong University of Science and Technology. Their strongest trick slipped past every scanner tested more than 90% of the time, and the same…

    Read More SkillCloak Lets Malicious AI Agent Skills Evade Static Scanners with Self-Extracting PackingContinue

  • Blog

    U.S. Government Entity Paid Kairos $1 Million in Data-Theft Extortion Case

    A U.S. government entity paid about $1 million to keep stolen files from being leaked, according to a new case study by Rakesh Krishnan for Ransom-ISAC, built on a leaked negotiation chat and the blockchain trail the payment left. The odd part: the group that took the money calls itself Kairos, but it may not be…

    Read More U.S. Government Entity Paid Kairos $1 Million in Data-Theft Extortion CaseContinue

  • Blog

    North Korean Hackers Publish 108 Malicious Packages and Extensions in PolinRider Campaign

    The North Korean threat actors linked to the Contagious Interview campaign have been observed publishing 108 unique packages and web browser extensions spanning npm, Packagist, Go, and Google Chrome as part of an ongoing activity referred to as PolinRider. “The campaign remains active, and new malicious packages are likely to continue appearing as threat actors…

    Read More North Korean Hackers Publish 108 Malicious Packages and Extensions in PolinRider CampaignContinue

  • Blog

    Ivanti Sentry Pre-Authentication RCE

    What is the Vulnerability? FortiGuard Labs continues to observe exploitation attempts targeting CVE-2026-10520 following the public release of technical details and proof-of-concept (PoC) exploit code. CVE-2026-10520 is a critical vulnerability affecting Ivanti Sentry that allows remote, unauthenticated attackers to execute arbitrary operating system commands with root privileges. The flaw stems from improper handling of internal…

    Read More Ivanti Sentry Pre-Authentication RCEContinue

Page navigation

1 2 3 … 514 Next PageNext
Facebook
Privacy Policy
Background by Vecteezy

Web Design 2024 SekuritasIT

Veteran Owned and Operated

Scroll to top
  • Managed IT Support Services
  • Contact Us