Toggle light / dark theme

Get the latest international news and world events from around the world.

Log in for authorized contributors

Fake Tech Support Spam Deploys Customized Havoc C2 Across Organizations

Threat hunters have called attention to a new campaign as part of which bad actors masqueraded as fake IT support to deliver the Havoc command-and-control (C2) framework as a precursor to data exfiltration or ransomware attack.

The intrusions, identified by Huntress last month across five partner organizations, involved the threat actors using email spam as lures, followed by a phone call from an IT desk that activates a layered malware delivery pipeline.

“In one organization, the adversary moved from initial access to nine additional endpoints over the course of eleven hours, deploying a mix of custom Havoc Demon payloads and legitimate RMM tools for persistence, with the speed of lateral movement strongly suggesting the end goal was data exfiltration, ransomware, or both,” researchers Michael Tigges, Anna Pham, and Bryan Masters said.

CISA flags VMware Aria Operations RCE flaw as exploited in attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a VMware Aria Operations vulnerability tracked as CVE-2026–22719 to its Known Exploited Vulnerabilities catalog, flagging the flaw as exploited in attacks.

Broadcom also warned that it is aware of reports indicating the vulnerability is exploited but says it cannot independently confirm the claims.

VMware Aria Operations is an enterprise monitoring platform that helps organizations track the performance and health of servers, networks, and cloud infrastructure.

Microsoft: Hackers abuse OAuth error flows to spread malware

Hackers are abusing the legitimate OAuth redirection mechanism to bypass phishing protections in email and browsers to take users to malicious pages.

The attacks target government and public-sector organizations with phishing links that prompt users to authenticate to a malicious application, Microsoft Defender researchers say.

With e-signature requests, Social Security notices, meeting invitations, password resets, or various financial and political topics that contain OAuth redirect URLs. Sometimes, the URLs are embedded in PDF files to evade detection.

The Great Filter May Explain Why Civilizations Don’t Survive

The universe is old enough, large enough, and chemically rich enough to have produced countless civilizations. And yet, when we listen, we hear nothing. The Great Filter hypothesis offers one of the most disturbing explanations in modern science — somewhere between dead chemistry and starfaring intelligence, there exists a barrier so severe that almost nothing gets through. But the real question isn’t whether the filter exists. It’s whether we’ve already passed it — or whether it’s still ahead of us, waiting. This video explores the formal probability argument behind the silence, the candidate barriers hiding in the deep history of biology, the existential threats that scale with technological power, and what every new discovery about life beyond Earth actually tells us about our own survival odds.

Sources:
Robin Hanson, \

Swarming, spinning microrobots can manipulate their surroundings

E pluribus unum – “out of many, one” – is not only a motto for the United States. It’s a good credo for microrobots.

A research collaboration between Cornell and the Max Planck Institute for Intelligent Systems has shown how a swarm of microrobots spinning on a water surface can together generate the fluidic torque needed to manipulate passive structures without any physical contact.

This collective behavior was demonstrated to operate gears and move objects, with the aim of eventually performing microscale tasks and biomedical procedures.

/* */