Secrets sprawl isn’t slowing down: in 2025, it accelerated faster than most security teams anticipated. GitGuardian’s State of Secrets Sprawl 2026 report analyzed billions of commits across public GitHub and uncovered 29 million new hardcoded secrets in 2025 alone, a 34% increase year over year and the largest single-year jump ever recorded.
This year’s findings reveal three core trends: AI has
The Hacker News – Read More
The state-sponsored group’s campaign has targeted government, higher education, financial, and legal entities, as well as think tanks.
The post Russian APT Star Blizzard Adopts DarkSword iOS Exploit Kit appeared first on SecurityWeek.
SecurityWeek – Read More
T-Mobile’s credit card offering can save you money on your monthly bill, and gets you deals on dining, travel, and more.
Latest news – Read More
Two malicious versions of the popular SDK were uploaded to the PyPI registry, targeting Windows, macOS, and Linux.
The post Telnyx Targeted in Growing TeamPCP Supply Chain Attack appeared first on SecurityWeek.
SecurityWeek – Read More
Iran-linked hacking groups are turning to high-volume, low-impact cyberattacks, and AI is providing a boost.
The post Hacked Hospitals, Hidden Spyware: Iran Conflict Shows How Digital Fight Is Ingrained in Warfare appeared first on SecurityWeek.
SecurityWeek – Read More
We’ve just returned from RSAC
2026 in San Francisco, one of the most important cybersecurity events of the year.
As always, the conference brought together security leaders, vendors, and practitioners from around the world. For the ANY.RUN team, it was a packed few days of meetings with customers and partners, insightful presentations, and strong industry recognition.
This year, ANY.RUN was represented at RSAC by our CCO, Alex, who attended the conference to meet with partners and customers, discuss ongoing collaborations, and exchange insights on evolving threat detection challenges.
Beyond scheduled meetings, RSAC also provided an opportunity for deeper conversations in a more informal setting, including a partner dinner where key topics around SOC workflows, threat intelligence, and detection strategies were discussed.
These interactions are an important part of how we continue to align ANY.RUN’s solutions with real-world needs across security teams and MSSPs.
During RSAC 2026, ANY.RUN was honored at the Global InfoSec Awards 2026, organized by Cyber Defense Magazine.
We received recognition in two categories:
The recognition reflects what our solutions deliver in practice: higher detection rates, lower MTTR, and faster decision-making through interactive analysis and real threat context. It highlights unified workflows that keep investigations within a single process from monitoring to response, along with the ability to scale across both enterprise SOCs and MSSPs.
ANY.RUN provides interactive malware analysis and actionable threat intelligence designed for modern security teams.
Our solutions combine an Interactive Sandbox, Threat Intelligence Lookup, and Threat Intelligence Feeds to help SOC and MSSP teams analyze threats faster, investigate incidents with deeper context, and detect emerging attacks earlier.
Trusted by more than 15,000 organizations and over 600,000 security professionals worldwide, including 74% of Fortune 100 companies, ANY.RUN maintains a strong focus on data protection and compliance, while continuously evolving its solutions to address real-world threat detection and investigation challenges for SOCs and MSSPs.
The post ANY.RUN at RSAC™ 2026: Highlights & Industry Recognition appeared first on ANY.RUN’s Cybersecurity Blog.
ANY.RUN’s Cybersecurity Blog – Read More
The critical-severity flaw leaks application memory and can be exploited to obtain authenticated administrative session IDs.
The post Exploitation of Fresh Citrix NetScaler Vulnerability Begins appeared first on SecurityWeek.
SecurityWeek – Read More
Cybersecurity researchers have discovered a remote access toolkit of Russian-origin that’s distributed via malicious Windows shortcut (LNK) files that are disguised as private key folders.
The CTRL toolkit, according to Censys, is custom-built using .NET and includes various executables” to facilitate credential phishing, keylogging, Remote Desktop Protocol (RDP) hijacking, and reverse tunneling
The Hacker News – Read More
In a tough job market, having a recruiter offer you a job might seem like a dream – but make sure it’s not a scam.
Latest news – Read More
Three threat activity clusters aligned with China have targeted a government organization in Southeast Asia as part of what has been described as a “complex and well-resourced operation.”
The campaigns have led to the deployment of various malware families, including HIUPAN (aka USBFect, MISTCLOAK, or U2DiskWatch), PUBLOAD, EggStremeFuel (aka RawCookie), EggStremeLoader (aka Gorem RAT), MASOL
The Hacker News – Read More