Offensive Security

hu, 09 Apr 2026

New ‘LucidRook’ malware used in targeted attacks on NGOs, universities

LucidRook malware targets NGOs and universities in Taiwan via spear-phishing. It uses sophisticated infection chains involving LNK files and fake antivirus executables.

Read Article

hu, 09 Apr 2026

EngageLab SDK Flaw Exposed 50M Android Users, Including 30M Crypto Wallet Installs

A vulnerability in the EngageLab SDK allowed apps on the same device to bypass Android sandbox security, risking private data exposure. The flaw has been patched to protect millions of cryptocurrency...

Read Article

hu, 09 Apr 2026

Dfense projects revenue of R$180M this year

Dfense Security, responsible for the digital protection of large financial institutions and large companies in Brazil, began a new cycle of national expansion with the structured entry into R

Read Article

hu, 09 Apr 2026

When attackers already have the keys, MFA is just another door to open

Figure exposed 967,200 email records without any exploit, highlighting architectural vulnerabilities. This breach demonstrates limitations of MFA in preventing data exposure.

Read Article

hu, 09 Apr 2026

Claude helps researcher dig up decade-old Apache ActiveMQ RCE vulnerability (CVE-2026-34197)

A remote code execution vulnerability in Apache ActiveMQ, existing for 13 years, was discovered and patched in March 2026. No active exploitation detected yet.

Read Article

hu, 09 Apr 2026

Mallory brings contextual threat intelligence to security operations

Mallory launches an AI-native threat intelligence platform to provide actionable insights for CISOs, enhancing proactive security measures. It contextualizes threats against an organization's attack...

Read Article