All Posts


Meta Disables 150K Accounts Linked to Southeast Asia Scam Centers in Global Crackdown
A large-scale international operation has targeted organized cyber scam networks operating through social media, resulting in the removal of more than 150,000 fraudulent accounts linked to criminal groups in Southeast Asia. The action was carried out by Meta Platforms in collaboration with global law enforcement agencies. The enforcement effort took place during a coordinated initiative known as Joint Disruption Week, which involved organizations including the Royal Thai Poli
akid95
2 hours ago · 3 min read


FortiGate Devices Exploited to Breach Networks and Steal Service Account Credentials
Cybersecurity researchers have reported multiple intrusions where attackers compromised FortiGate devices to gain unauthorized access to corporate networks and extract sensitive internal information. These appliances, developed by Fortinet, are widely used as next-generation firewalls and VPN gateways that sit at the network edge, making them a critical component of enterprise security infrastructure. Incident responders observed that attackers deliberately targeted these per
akid95
21 hours ago · 2 min read


Do You Need a vCISO? Here’s Why Many Organizations Do
As cyber threats continue to grow in sophistication and frequency, organizations are under increasing pressure to strengthen their cybersecurity leadership. However, many businesses operate without a dedicated Chief Information Security Officer (CISO) due to the high cost and resource commitment of hiring a full-time executive. Without strategic security leadership, organizations often struggle to align their cybersecurity initiatives with business goals, manage risks effecti
akid95
2 days ago · 1 min read


Iran-Linked MuddyWater Hackers Target U.S. Networks With New Dindoor Backdoor
Cybersecurity researchers have uncovered a targeted cyber-espionage campaign conducted by the Iran-linked threat group MuddyWater, which has infiltrated multiple organizations across the United States and allied countries. The operation targeted sectors considered strategically significant, including financial institutions, aviation infrastructure, non-profit organizations, and a software company connected to the defense and aerospace industry. The activity highlights how sta
akid95
2 days ago · 5 min read


Mail2Shell Zero-click Attack Lets Hackers Hijack FreeScout Mail Servers
Not all critical vulnerabilities rely on stolen credentials or exposed admin panels. Sometimes, the most damaging flaws are hidden inside automated workflows that organizations trust every day. A critical zero-click remote code execution vulnerability affecting FreeScout, tracked as CVE-2026-28289, demonstrates exactly that risk. The flaw allows attackers to achieve unauthenticated remote command execution simply by sending a specially crafted email to a mailbox connected to
akid95
7 days ago · 4 min read


CISA Flags VMware Zero-Day Exploited by China-Linked Hackers in Active Attacks
Not all critical vulnerabilities begin with a remote exploit. Sometimes, the most dangerous flaws are the ones attackers use after they are already inside. A high-severity vulnerability affecting VMware environments, tracked as CVE-2025-41244, has been confirmed as actively exploited in the wild. The issue impacts VMware Aria Operations and VMware Tools in environments where the Software-Defined Management Platform (SDMP) is enabled. The U.S. Cybersecurity and Infrastructure
akid95
Mar 4 · 3 min read


Why Monitoring Alone Isn’t Enough: MSSP vs. MDR Explained
Many organizations assume that partnering with an MSSP automatically means they are fully protected, but monitoring alone is no longer enough in today’s threat landscape. A Managed Security Service Provider (MSSP) primarily focuses on deploying, managing, and monitoring security tools such as SIEM, firewalls, and endpoint solutions. Their services are largely automated and portal-driven, generating alerts and notifying your team when suspicious activity is detected. While this
akid95
Mar 4 · 2 min read


New Chrome Vulnerability Let Malicious Extensions Escalate Privileges via Gemini Panel
The rise of AI-integrated browsers has introduced new convenience and new risks. In early 2026, researchers from Palo Alto Networks Unit 42 and multiple cybersecurity outlets disclosed a high-severity vulnerability in Google Chrome’s Gemini Live AI assistant, tracked as CVE-2026-0628. The flaw allowed seemingly low-permission extensions to bypass Chrome’s built-in privilege boundaries, giving attackers access to sensitive system resources like files, camera, microphone, and s
akid95
Mar 3 · 3 min read


Trojanized Gaming Tools Spread Java-Based RAT via Browser and Chat Platforms
The traditional image of malware distribution, mass phishing emails or exploit kits targeting enterprise infrastructure, is evolving. In recent reporting from multiple cybersecurity outlets including The Hacker News and News4Hackers, researchers have identified a campaign spreading trojanized gaming utilities embedded with a Java-based Remote Access Trojan (RAT), often referred to in analysis as SteaElite RAT. Rather than exploiting software vulnerabilities directly, t
akid95
Mar 2 · 3 min read


CarGurus Data Breach Exposes Information of 12.4 Million Accounts
In early 2026, reports began circulating across cybersecurity circles about a major data breach affecting CarGurus, one of the world’s largest online automotive marketplaces. While early estimates varied, disclosures suggested that millions of user records may have been exposed, with figures ranging from roughly 12 million to well over 100 million accounts. Such inconsistencies are common in the early stages of breach investigations, yet the underlying concern remained clear
akid95
Feb 25 · 3 min read


Ad tech firm Optimizely confirms data breach after vishing attack
The Optimizely incident is a powerful reminder that not all cyberattacks begin with malicious code or technical exploits. In this case, the breach reportedly originated from a voice phishing or “vishing” attack, where deception over the phone became the gateway to unauthorized access. Rather than targeting software weaknesses, the attackers targeted something far more universal and difficult to defend. The event underscores a growing reality in cybersecurity: organiza
akid95
Feb 24 · 3 min read


Ukrainian National Sentenced to 5 Years in North Korea IT Worker Fraud Case
The Laptop Farm That Fooled Corporate America. A recent U.S. criminal case has shed light on a strikingly modern form of fraud, one that did not involve breaking into networks or deploying sophisticated malware. Instead, the scheme revolved around trust, identity, and the mechanics of remote work. According to law-enforcement disclosures, a Ukrainian national was sentenced in the United States for operating what investigators described as a “laptop farm,” a setup desig
akid95
Feb 23 · 3 min read


INTERPOL Operation Red Card 2.0 Arrests 651 in African Cybercrime Crackdown
The biggest cyber threats across Africa are not always dramatic hacks or Hollywood-style breaches. Between late 2025 and early 2026, authorities across 16 African countries carried out a sweeping crackdown known as Operation Red Card 2.0, targeting something far more common: online scams. Coordinated by INTERPOL, the operation exposed how modern fraud rings operate less like technical masterminds and more like highly organized deception businesses. Instead of attackin
akid95
Feb 20 · 3 min read


Microsoft Discloses DNS-Based ClickFix Attack Using Nslookup for Malware Staging
Microsoft and other security leaders sounded the alarm on a dangerous evolution of the ClickFix campaign. This tactic, which first appeared in 2024, tricks users into manually running malicious commands under the guise of "fixing" a website error or passing a security check. The latest version is far more aggressive and harder to spot: it doesn't just wait for an error to happen, it creates one. By intentionally crashing a user's browser, hackers create a moment o
akid95
Feb 19 · 3 min read


AI Platforms can be Abused as Malware C2 Proxies
Security researchers uncovered a groundbreaking new threat called "AI-in-the-Middle." For years, we worried that hackers might use AI to write better phishing emails; now, they are using the AI itself as a secret communication tunnel. By exploiting the way AI assistants like Microsoft Copilot or Grok can browse the live web to summarize links, hackers have found a way to hide their malicious activity. Because these AI services are trusted and used by almost every major compa
akid95
Feb 19 · 3 min read


First Malicious Outlook Add-In Found Stealing 4,000+ Microsoft Credentials
In early February 2026, a new kind of digital trap was discovered hidden right inside Microsoft Outlook. Known as "AgreeToSteal," this campaign involved a once-popular scheduling tool called "AgreeTo" that had been abandoned by its creator. Because the original developer stopped paying for the website that powered the app, a clever hacker stepped in and bought the web address. Since the app was still officially listed in the Microsoft Store and trusted by Outlook, the hacker
akid95
Feb 13 · 2 min read


JokerOTP Platform With 28,000+ Phishing Attacks Dismantled
In a massive win for global security, an international police task force dismantled JokerOTP in April 2025. This wasn't just a group of hackers; it was a "crime-as-a-service" supermarket that sold high-tech tools to everyday criminals. By the time it was shut down, the platform had powered over 28,000 attacks across 13 countries, stealing roughly $9.5 million USD from unsuspecting victims. The crackdown led to the arrests of key masterminds in the UK and the Netherlands, but
akid95
Feb 12 · 3 min read


Democratic People's Republic of Korea (DPRK) Operatives Impersonate Professionals on LinkedIn to Infiltrate Companies
Since late 2024 and moving into early 2026, specialized North Korean groups have realized it is much easier to simply apply for a job. These operatives are posing as elite IT professionals to land remote roles at major companies, particularly in Singapore, Japan, and Malaysia. While they initially started these scams just to collect high-paying paychecks to fund their government’s weapons, they have now turned into dangerous insiders. They are currently hunting for access to
akid95
Feb 12 · 2 min read


The Citrix NetScaler Crisis: Why Hackers are Hiding in Your Neighborhood
A major security event is currently unfolding that impacts organizations using Citrix NetScaler (formerly known as Citrix ADC and Gateway). Security researchers at GreyNoise and news outlets like BleepingComputer have raised the alarm regarding a massive wave of scanning activity. What makes this particular situation unique and dangerous is not just the vulnerability itself, but the clever way hackers are hiding their tracks using "residential proxies." At Vardaan Sdn Bhd, we

Syafiq S
Feb 4 · 3 min read


The Glassworm Malware targeting macOS Developers
Most developers spend their entire day inside a code editor like VS Code, relying on "extensions" to help format code or manage projects. We usually treat these marketplaces as safe havens, but a new threat called Glassworm has recently turned that trust into a vulnerability. Security researchers at Socket and BleepingComputer have uncovered a campaign where hackers hijacked legitimate developer accounts on Open VSX to distribute malicious code. This isn't just a random vir

Syafiq S
Feb 4 · 3 min read
