Cyber Division

​

Critical open-source projects get a new security framework

Open source software projects are getting a new framework for handling security vulnerabilities as AI shortens the time between flaw discovery and exploitation. The Linux Foundation has launched Akrites, an industry initiative that brings together technology companies, financial institutions, security vendors, AI companies, and open source projects to support the remediation and disclosure of vulnerabilities affecting widely used open source software. Akrites aims to establish a common process for addressing security issues in software used … More →
The post Critical open-source projects get a new security framework appeared first on Help Net Security.

​

Ransomware gangs find Europe’s weakest link in third-party suppliers

Ransomware attacks against European organizations increased during the first months of 2026, with third-party suppliers becoming a major entry point for attackers. Black Kite examined 2,066 ransomware incidents across 31 countries between January 2025 and April 2026 in its 2026 European Cyber Risk Report. Country distribution of ransomware attacks (Source: Black Kite) “Three forces are converging on European organisations at once: ransomware is accelerating, supply chains are becoming a primary attack path, and regulations are … More →
The post Ransomware gangs find Europe’s weakest link in third-party suppliers appeared first on Help Net Security.

​

Mirage2FA phishing kit uses HTML smuggling to steal Microsoft 365 credentials

Mirage2FA, a phishing kit that combines short-lived HTML smuggling with obfuscated JavaScript loaders to deliver fake Microsoft 365 login pages and steal credentials during MFA prompts, has been identified by researchers at Fortra. Fortra based its analysis on a suspicious HTML and JavaScript attachment delivered by email, supporting DNS data, and the second-stage phishing page. Researchers said the campaign relied on business-themed lures, including secure documents, remittance services, automated billing, and payment requests. Opening the … More →
The post Mirage2FA phishing kit uses HTML smuggling to steal Microsoft 365 credentials appeared first on Help Net Security.

​

Mystery hackers use novel SharkLoader dropper against governments, software devs

Kaspersky researchers have uncovered a previously unknown cyberattack campaign that has compromised government organizations and software development companies in multiple countries. They first stumbled onto the campaign while investigating an attack on a diplomatic organization in Indonesia. What initially looked like an isolated incident revealed a global operation they’ve dubbed StrikeShark, due to the attackers’ use of a previously unknown dropper the researchers named SharkLoader. How the attackers get in The attackers gain access either … More →
The post Mystery hackers use novel SharkLoader dropper against governments, software devs appeared first on Help Net Security.

​

A decade of infrastructure development, one new name: Coinspaid Dev

The team behind Coinspaid Solutions steps into the spotlight with a mission to become the engineering voice of blockchain infrastructure.