Threat Analyst
Artem specializes in analyzing large-scale data breaches and social engineering methods. He believes that the primary vulnerability in any system isn't code-it's human behavior. In his articles, he deconstructs complex cybercriminal schemes and transforms them into actionable security guidelines.
Eight tech giants pledged to share threat intelligence against cross-platform criminal networks at the first UN Global Fraud Summit. The voluntary pact carries no penalties, and global losses topped $1 …
Read more →
Android banking trojans jumped 56% in 2025, and nearly all of them abuse the AccessibilityService API. Android 17 Beta 2 now blocks non-accessibility apps from using the API when Advanced …
Read more →
Five critical vulnerabilities lead the March 14-15 batch of 215 new CVEs. A CVSS 9.8 unauthenticated WordPress RCE, OneUptime's fourth CVSS 9.9 in six weeks, and three unpatched D-Link buffer …
Read more →
A supply-chain operation planted 72 malicious VS Code extensions on Open VSX using transitive dependencies that bypass initial review. The same GlassWorm threat actor injected Unicode payloads into 151 GitHub …
Read more →
A global law enforcement operation seized 34 domains and froze $3.5 million in crypto after the SocksEscort proxy botnet hijacked 369,000 routers across 163 countries. According to the FBI, the …
Read more →
An unauthenticated file upload in the WordPress Pix for WooCommerce plugin scored CVSS 9.8, and OneUptime collected its fourth critical vulnerability in two weeks. The March 14 digest covers 10 …
Read more →
A six-month Interpol crackdown across 72 countries sinkholed 45,000 malicious IPs and arrested 94 people. Operation Synergia III is the largest phase yet, more than doubling the IP takedowns of …
Read more →
Four CVSS 9.9 flaws hit Veeam Backup and Replication, letting domain users run code on backup servers. The March 13 vulnerability digest covers eight Veeam patches, a Tolgee XXE, and …
Read more →
Four CVSS 9.9 remote code execution flaws patched in Veeam Backup and Replication. Authenticated domain users could run arbitrary code on backup servers. Past Veeam vulnerabilities were weaponized by Akira, …
Read more →
Two actively exploited Chrome zero-days in the Skia graphics engine and V8 JavaScript engine prompted an emergency Google patch within 48 hours. These are the second and third Chrome zero-days …
Read more →
An AI facial recognition match sent a Tennessee grandmother to jail for six months for a Fargo bank fraud she could not have committed. Bank records proved she was 1,200 …
Read more →
A 45-second USB attack on a powered-off Android phone extracted PINs and crypto wallet seeds. Ledger's researchers exploited a MediaTek secure boot flaw affecting an estimated 25% of all Android …
Read more →