Skip to content
inionline.net
  • Managed IT Support Services
  • Contact Us
inionline.net
  • Blog

    U.S. Government Entity Paid Kairos $1 Million in Data-Theft Extortion Case

    A U.S. government entity paid about $1 million to keep stolen files from being leaked, according to a new case study by Rakesh Krishnan for Ransom-ISAC, built on a leaked negotiation chat and the blockchain trail the payment left. The odd part: the group that took the money calls itself Kairos, but it may not be…

    Read More U.S. Government Entity Paid Kairos $1 Million in Data-Theft Extortion CaseContinue

  • Blog

    North Korean Hackers Publish 108 Malicious Packages and Extensions in PolinRider Campaign

    The North Korean threat actors linked to the Contagious Interview campaign have been observed publishing 108 unique packages and web browser extensions spanning npm, Packagist, Go, and Google Chrome as part of an ongoing activity referred to as PolinRider. “The campaign remains active, and new malicious packages are likely to continue appearing as threat actors…

    Read More North Korean Hackers Publish 108 Malicious Packages and Extensions in PolinRider CampaignContinue

  • Blog

    Ivanti Sentry Pre-Authentication RCE

    What is the Vulnerability? FortiGuard Labs continues to observe exploitation attempts targeting CVE-2026-10520 following the public release of technical details and proof-of-concept (PoC) exploit code. CVE-2026-10520 is a critical vulnerability affecting Ivanti Sentry that allows remote, unauthenticated attackers to execute arbitrary operating system commands with root privileges. The flaw stems from improper handling of internal…

    Read More Ivanti Sentry Pre-Authentication RCEContinue

  • Blog

    Unpatched Flaws Disclosed in Filesystem Bundled Into Millions of Embedded Devices

    Security firm runZero has disclosed seven vulnerabilities in FatFs, a small filesystem library that lets a device read and write the FAT and exFAT formats used on USB drives and SD cards. The flaws matter because FatFs is nearly everywhere. It ships inside the firmware that runs security cameras, drones, industrial controllers, hardware crypto wallets, and other devices…

    Read More Unpatched Flaws Disclosed in Filesystem Bundled Into Millions of Embedded DevicesContinue

  • Blog

    New “Bad Epoll” Linux Kernel Flaw Lets Unprivileged Users Gain Root, Hits Android

    A newly disclosed Linux kernel flaw called Bad Epoll (CVE-2026-46242) lets an ordinary user with no special access take full control of a machine as root. It affects Linux desktops, servers, and Android, and a fix is out. Bad Epoll sits in the same small stretch of kernel code where Anthropic’s most powerful AI model,…

    Read More New “Bad Epoll” Linux Kernel Flaw Lets Unprivileged Users Gain Root, Hits AndroidContinue

  • Blog

    New Avalon Malware Framework Packs CrownX Ransomware Capabilities

    Cybersecurity researchers have discovered a previously undocumented modular malware framework codenamed Avalon that’s distributed by means of a multi-stage phishing chain capable of bypassing traditional security controls. Avalon combines credential collection, lateral movement, remote access, recovery disruption, and ransomware execution, bringing together diverse functions under one

    Read More New Avalon Malware Framework Packs CrownX Ransomware CapabilitiesContinue

  • Blog

    North Korea-Linked npm Packages Mimic Rollup Polyfills to Steal Developer Secrets

    Threat actors with ties to North Korea have been linked to a fresh set of malicious npm packages that masquerade as Rollup polyfill tooling to facilitate remote access and data theft. According to JFrog, the packages “rollup-packages-polyfill-core” and “rollup-runtime-polyfill-core” mimic the legitimate “rollup-plugin-polyfill-node” project, down to the description, repository metadata, and

    Read More North Korea-Linked npm Packages Mimic Rollup Polyfills to Steal Developer SecretsContinue

  • Blog

    Armored Likho Targets Government Agencies, Power Sector with BusySnake Stealer

    A previously undocumented threat actor known as Armored Likho has been attributed to cyber attacks targeting government agencies and the electric power sector across Russia, Brazil, and Kazakhstan. “Armored Likho blends financially motivated campaigns targeting private individuals with targeted cyber espionage aimed at organizations,” Kaspersky said in a technical analysis published today. “

    Read More Armored Likho Targets Government Agencies, Power Sector with BusySnake StealerContinue

  • Blog

    Chinese LLMs Broaden the Gap Between Attackers & Defenders

    Two new models from Chinese firms compete with top US mainstream and frontier models. Should cyber-defenders be worried?

    Read More Chinese LLMs Broaden the Gap Between Attackers & DefendersContinue

  • Blog

    European Parliament Member Investigating Spyware Was Hacked With Pegasus

    A new report from the Citizen Lab has revealed that former Member of the European Parliament Stelios Kouloglou had his mobile device repeatedly hacked with the notorious Pegasus spyware while serving on a committee that was tasked with investigating the abuse of such commercial surveillance tools in the bloc. “Through forensic analysis of his device,…

    Read More European Parliament Member Investigating Spyware Was Hacked With PegasusContinue

Page navigation

1 2 3 … 513 Next PageNext
Facebook
Privacy Policy
Background by Vecteezy

Web Design 2024 SekuritasIT

Veteran Owned and Operated

Scroll to top
  • Managed IT Support Services
  • Contact Us