Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

knowbe4

FBI: Kali365 Phishing Kit is Targeting Microsoft 365 Accounts

Jun 5, 2026 By KnowBe4 Team In KnowBe4
The US Federal Bureau of Investigation (FBI) has warned that a new phishing-as-a-service (PhaaS) platform called “Kali365” is targeting OAuth tokens to gain direct access to users’ Microsoft 365 accounts without stealing credentials or multifactor authentication codes. “Through the Kali365 platform subscription, cyber threat actors can capture ‘OAuth’ tokens and gain persistent access to targeted individuals/entities' Microsoft 365 environments,” the Bureau says.
Read Post
foresiet

Lucid Stealer Deep Dive

Jun 5, 2026 By foresiet In Foresiet
A publication-safe corporate blog analysis of a Node.js SEA information stealer and remote-access trojan. Foresiet Threat Intel Team identified and statically analyzed a newly observed Lucid Stealer build promoted through Telegram-linked underground channels. The sample is not a generic packed executable: it is a Lucid-branded credential stealer, wallet stealer and remote-access toolkit packaged inside a legitimate Node.js Single Executable Application wrapper.
Read Post
Why Unmanaged IoT Devices Create Hidden Security Gaps

Why Unmanaged IoT Devices Create Hidden Security Gaps

Jun 4, 2026 By SecuritySenses In SecuritySenses
Why did the seven-month dwell time inside that hospital surprise nobody on my team? A smart HVAC controller in a third-floor conference room sat on a US healthcare network for seven months. IT security had never inventoried it. The SOC had never seen its traffic. Within 72 hours of initial compromise, the attacker had pivoted to corporate systems and reached patient records. The final bill, as compiled in public breach reporting, lands at $12.4 million.
Read Post
bitsight

Crowdsourced Chaos: The Evolution of NoName057(16) and Why DDoS Resilience Matters

Jun 3, 2026 By Bitsight Team In BitSight
According to Bitsight Threat Intelligence, NoName057(16) remains one of the most visible pro-Russian hacktivist groups conducting distributed denial-of-service (DDoS) attacks against countries and organizations perceived as supporting Ukraine. This matters because the risk can extend beyond direct business ties to Ukraine, and the group may also target organizations that do business with vendors, suppliers, partners, or service providers perceived as supporting Ukraine.
Read Post

GitHub "Megalodon" Malware, Malware-Slop robs Claude, 7-Eleven breach & cPanel vulnerability [328]

Jun 1, 2026 By LimaCharlie In LimaCharlie
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community. Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows.
View Video
safeaeon

Malware Risks and Mitigation: Strengthen Your Cybersecurity Posture

May 29, 2026 By SafeAeon Inc. In SafeAeon
Malware attacks are a major cybersecurity concern for individuals and businesses. These attacks can lead to data theft and financial losses. A report from AV-Test suggests that more than 450,000 new malware and PUA samples are detected each day, bringing the total to 1.56 billion known samples. Malware can take many forms, such as viruses, ransomware, spyware, and trojans. These can threaten data integrity, privacy, and business continuity.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.