Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

BlueVoyant Security Operations Center (SOC) and Threat Fusion Cell (TFC) security researchers have been tracking an emerging, rapidly maturing threat group conducting a global SEO-poisoning campaign that distributes trojanized Microsoft Teams installers. These installers ultimately deploy a multi-stage shellcode loader and backdoor BlueVoyant has designated Lorem Ipsum.

A software patch is a targeted code update that vendors release to fix cybersecurity flaws, correct bugs, or address performance issues in an existing application or operating system without replacing the software entirely.

Deepfake-driven fraud has caused $2.19 billion in losses globally, with $1.65 billion reported in 2025 alone, according to an analysis by Surfshark. More than half of these losses were due to investment scams using deepfakes of high-profile figures.

Opera and artificial intelligence may not seem like natural companions, but they share one important truth: The best performances are revealed over time. Early scenes set the stage, introduce the themes, and create a sense of anticipation. The audience leans in, waiting for the big moments still to come. AI in financial services has followed the same structure.

Anthropic’s announcement of Claude Mythos Preview may end up being remembered as the moment the cybersecurity industry had to stop talking about agentic AI as a future concept and start treating it as a present security variable. The reported results are serious. Anthropic says Mythos Preview identified and exploited zero-day vulnerabilities across major operating systems and browsers during testing.

AI-enabled systems are becoming more common in operational technology (OT) environments. What many industry analysts call “Physical AI” refers to AI systems embedded in physical environments — such as industrial cameras, robots and edge systems — that can perceive, interpret and act on real-world conditions. In industrial settings, this includes machine vision systems, predictive maintenance models, robotics optimization and edge analytics operating close to production assets.

The latest National Institute of Standards and Technology (NIST) draft guidance on mobile driver’s licenses(mDLs) is about more than one use case or credential type. While the draft primarily focuses on the financial sector due to its high-assurance requirements, the bigger takeaway is that government-issued identity can be cryptographically verified and shared more selectively.

Phishing campaigns leveraging remote management tools is nothing new. Securonix Threat Research has conducted in-depth dynamic analysis of an ongoing phishing campaign targeting multiple vectors, active since at least April 2025. The campaign has impacted over 80 organizations, predominantly in the United States, spanning multiple sectors. This campaign leverages vendor-signed Remote Monitoring and Management (RMM) software to establish silent, persistent access.

Modern developer environments expose sensitive context across files, prompts, logs, and commands. Learn how layered local controls reduce secrets risk.

CVE-2026-31431— the “Copy Fail” vulnerability—is a critical local privilege escalation (LPE) flaw in the Linux kernel’s cryptographic subsystem that allows unprivileged users to gain root access with near-perfect reliability. Boasting a CVSS score of 7.8 and affecting nearly every mainstream distribution since 2017 (including Ubuntu, RHEL, and Amazon Linux), Copy Fail has been added to the CISA KEV catalog due to its active exploitation and portable, low-footprint nature.