European Commission investigating breach after Amazon cloud hack
The European Commission, the European Union's main executive body, is investigating a security breach after a threat actor gained access to its Amazon cloud infrastructure. [...]
We Are At War
Rising geopolitical tensions are reflected (or in some cases preceded) by cyber operations, while technology itself has become politicized. Let’s admit it: we are in the middle of it. Introduction: One tech power to rule them all is a thing of the past The relative safety, peace and prosperity that much of the...
Duitse politie bezoekt bedrijven wegens kritieke PTC-kwetsbaarheid
Duitse politie bezoekt bedrijven wegens kritieke PTC-kwetsbaarheid Read more Published Date: Mar 27, 2026 (1 hour, 45 minutes ago) Vulnerabilities has been mentioned in this article. CVE-2026-4681
CISA sounds alarm on Langflow RCE, Trivy supply chain compromise after rapid exploitation
CISA sounds alarm on Langflow RCE, Trivy supply chain compromise after rapid exploitation Read more Published Date: Mar 27, 2026 (1 hour, 48 minutes ago) Vulnerabilities has been mentioned in this article.
Anti-piracy coalition takes down AnimePlay app with 5 million users
The Alliance for Creativity and Entertainment (ACE) announced the shutdown of AnimePlay, a major anime streaming platform with over 5 million users. [...]
Telnyx PyPI Package With 742,000 downloads Compromised in TeamPCP Supply Chain Attack
Telnyx PyPI Package With 742,000 downloads Compromised in TeamPCP Supply Chain Attack Read more Published Date: Mar 27, 2026 (2 hours, 13 minutes ago) Vulnerabilities has been mentioned in this article. CVE-2026-33634
Bearlyfy Hits 70+ Russian Firms with Custom GenieLocker Ransomware
A pro-Ukrainian group called Bearlyfy has been attributed to more than 70 cyber attacks targeting Russian companies since it first surfaced in the threat landscape in January 2025, with recent attacks leveraging a custom Windows ransomware strain codenamed GenieLocker. "Bearlyfy (also known as Labubu) operates as a...
Red Hat Warns of Malware Code Embedded in Popular Linux Tool Allow Unauthorized Access to Systems
Red Hat Warns of Malware Code Embedded in Popular Linux Tool Allow Unauthorized Access to Systems Read more Published Date: Mar 27, 2026 (3 hours, 1 minute ago) Vulnerabilities has been mentioned in this article. CVE-2024-3094
Windows 11 KB5079391 update rolls out Smart App Control improvements
Microsoft has released the KB5079391 preview cumulative update for Windows 11 24H2 and 25H2, which includes 29 changes, such as Smart App Control and Display improvements. [...]
Critical Citrix NetScaler and Gateway Vulnerabilities Let Remote Attackers Leak Sensitive Information
Critical Citrix NetScaler and Gateway Vulnerabilities Let Remote Attackers Leak Sensitive Information Read more Published Date: Mar 27, 2026 (4 hours, 6 minutes ago) Vulnerabilities has been mentioned in this article.
Dutch Police discloses security breach after phishing attack
The Dutch National Police (Politie) says a security breach resulting from a successful phishing attack has had a limited impact and hasn't affected citizens' data. [...]
LangChain, LangGraph Flaws Expose Files, Secrets, Databases in Widely Used AI Frameworks
Cybersecurity researchers have disclosed three security vulnerabilities impacting LangChain and LangGraph that, if successfully exploited, could expose filesystem data, environment secrets, and conversation history. Both LangChain and LangGraph are open-source frameworks that are used to build applications powered...
Ajax football club hack exposed fan data, enabled ticket hijack
Dutch professional football club Ajax Amsterdam (AFC Ajax) disclosed that a hacker exploited vulnerabilities in its IT systems and accessed data belonging to a few hundred people. [...]
China-Linked Red Menshen Uses Stealthy BPFDoor Implants to Spy via Telecom Networks
A long-term and ongoing campaign attributed to a China-nexus threat actor has embedded itself in telecom networks to conduct espionage against government networks. The strategic positioning activity, which involves implanting and maintaining stealthy access mechanisms within critical environments, has been...
MFA Doesn’t Protect You — Cookies Give You Away: The Rise of Session Hijacking
Session hijacking allows attackers to bypass MFA by stealing authentication cookies. Discover how it works and how to detect stolen session tokens before exploitation. The post MFA Doesn’t Protect You — Cookies Give You Away: The Rise of Session Hijacking appeared first on Brandefense.
[Webinar] Stop Guessing. Learn to Validate Your Defenses Against Real Attacks
Most teams have security tools in place. Alerts are firing, dashboards look clean, threat intel is flowing in. On the surface, everything feels under control. But one question usually stays unanswered: Would your defenses actually stop a real attack? That’s where things get shaky. A control exists, so it’s assumed...
Fake Mobile App: How Is Your Clone on the App Store Stealing Your Users?
Fake mobile apps replicate your brand to steal user credentials, financial data, and trust. Discover how attackers build, distribute, and monetize clone apps—and how to stop them early. The post Fake Mobile App: How Is Your Clone on the App Store Stealing Your Users? appeared first on Brandefense.
UAC-0102: Inside a Covert Espionage Operation Targeting Ukraine and Beyond
UAC-0102 is a stealth-focused cyber espionage group targeting Ukrainian government and infrastructure entities using spearphishing and cloud-based C2 techniques. The post UAC-0102: Inside a Covert Espionage Operation Targeting Ukraine and Beyond appeared first on Brandefense.
Inside the Operations of Crazy Evil: The Rise of a Global Crypto-Focused Cybercrime Network
An in-depth analysis of Crazy Evil, a financially motivated cybercrime group targeting Web3, crypto platforms, and digital identities through advanced social engineering and malware campaigns. The post Inside the Operations of Crazy Evil: The Rise of a Global Crypto-Focused Cybercrime Network appeared first on...
1 Million User Records Exposed: A Deep Dive into the Komiko AI App Data Breach
A massive Komiko AI data breach exposed over 1 million users, including OAuth tokens and session data—creating critical account takeover risks. Here’s what happened and how Brandefense detected it early. The post 1 Million User Records Exposed: A Deep Dive into the Komiko AI App Data Breach appeared first on...
Refloow Geo Forensics: A Free Batch Image Geolocation and EXIF Forensics Tool for OSINT
Refloow Geo Forensics: A Free Batch Image Geolocation and EXIF Forensics Tool for OSINT
User Scanner: Scan a username across multiple social, developer, gaming and creator platforms to see if it’s available
User Scanner: Scan a username across multiple social, developer, gaming and creator platforms to see if it’s available
GitHub: Threat Actor Usernames Scrape
GitHub: Threat Actor Usernames Scrape
WebSift: An Open-Source OSINT Tool for Web-Based Threat Hunting
WebSift: An Open-Source OSINT Tool for Web-Based Threat Hunting
Scilla: Information Gathering tool - DNS / Subdomains / Ports / Directories enumeration
Scilla: Information Gathering tool - DNS / Subdomains / Ports / Directories enumeration