The Qilin ransomware group has developed a highly sophisticated infection chain that targets and disables over 300 endpoint detection and response (EDR) solutions. As defenders improve behavioral detection capabilities, attackers are increasingly targeting the defense layer itself during the early stages of a breach. By deploying a malicious “msimg32.dll” file, attacke...

The rapid and relentless adoption of Software-as-a-Service (SaaS) applications has fundamentally transformed how businesses operate in 2026. From critical productivity suites like Microsoft 365 and Google Workspace to specialized CRM, HR, and development tools, SaaS is ubiquitous. However, this convenience comes with a significant security caveat: a vast and often unma...

A new phishing campaign that uses malicious Windows shortcut (LNK) files to target users in South Korea, while abusing GitHub as Command and Control (C2) infrastructure to hide its activity. The operation, linked through tooling and tradecraft to North Korea–related actors, shows a clear evolution from earlier, less obfuscated XenoRAT-delivery campaigns observed since ...

A threat actor known as “Mr. Raccoon” claims to have breached Adobe, stealing a massive amount of sensitive data. According to a report by International Cyber Digest, the stolen files include 13 million customer support tickets, 15,000 employee records, internal documents, and all of the company’s HackerOne bug bounty submissions. The attacker did not hack […]

T...

Sign-up forms that drag on, login steps that repeat, and access requests that take longer than expected have become a normal part of using digital services. These moments rarely stand out on their own, and over time they influence how people judge the systems they rely on. The 2026 Thales Digital Trust Index reflects that environment, where trust is built or lost throu...