cyber news - Security Ticks

Operation FanTrap: Inside the FIFA 2026 Fraud Ecosystem

cyber news, cybersecurity, darkweb, OSINT, phishing / SecurityTicks

Operation FanTrap: Inside the FIFA 2026 Fraud Ecosystem 2026-06-18 at 17:05 By Ashish Khaitan Executive Summary The FIFA World Cup 2026 has become more than a global sporting event. It has evolved into a large-scale cybercrime opportunity exploited by threat actors through a coordinated ecosystem of fraudulent domains, social media channels, messaging platforms, pirated streaming […]

Operation FanTrap: Inside the FIFA 2026 Fraud Ecosystem Read More »

FIFA World Cup 2026 Scams Are Already Active: Fake Domains, Phishing Sites, and How to Stay Safe

cyber news, cybersecurity, Threat Intelligence / SecurityTicks

FIFA World Cup 2026 Scams Are Already Active: Fake Domains, Phishing Sites, and How to Stay Safe 2026-06-10 at 17:24 By Ashish Khaitan The FIFA World Cup 2026 kicks off on June 11, and the world’s biggest sporting event is drawing more than just fans — it is already attracting a wave of cybercriminals targeting

FIFA World Cup 2026 Scams Are Already Active: Fake Domains, Phishing Sites, and How to Stay Safe Read More »

OverlayPhantom: The Android Banking Trojan Hiding in Plain Sight

Android, Credential Harvesting, cyber news, Malware, phishing, spyware, trojan / SecurityTicks

OverlayPhantom: The Android Banking Trojan Hiding in Plain Sight 2026-05-27 at 09:24 By rohansinhacyblecom Executive Summary Cyble Research and Intelligence Labs (CRIL) has identified a novel Android banking trojan, dubbed OverlayPhantom, actively distributed in the wild via malicious URLs. The malware employs a two-stage infection chain, using a dropper application that impersonates trusted platforms, including

OverlayPhantom: The Android Banking Trojan Hiding in Plain Sight Read More »

JOMANGY: INJ3CTOR3’s Self-Healing FreePBX Toll Fraud Campaign

cyber news, cybercrime, Malware / SecurityTicks

JOMANGY: INJ3CTOR3’s Self-Healing FreePBX Toll Fraud Campaign 2026-05-21 at 16:56 By rohansinhacyblecom Executive Summary Cyble Research & Intelligence Labs (CRIL) has identified an active FreePBX exploitation campaign, with high confidence tied to INJ3CTOR3, an actor with a documented history of targeting VoIP infrastructure for financial gain since 2019. The campaign deploys a multi-stage Bash dropper

JOMANGY: INJ3CTOR3’s Self-Healing FreePBX Toll Fraud Campaign Read More »

GCC Cyber 2026: How Digital Banking Expansion Is Creating a New Attack Surface Attackers Are Already Exploiting

attack surface management, cyber news, cybersecurity, GCC / SecurityTicks

GCC Cyber 2026: How Digital Banking Expansion Is Creating a New Attack Surface Attackers Are Already Exploiting 2026-05-15 at 17:46 By Ashish Khaitan The Gulf Cooperation Council (GCC) region has spent the last several years building one of the world’s most ambitious digital economies. Across Bahrain, Kuwait, Oman, Qatar, Saudi Arabia, and the UAE, governments

GCC Cyber 2026: How Digital Banking Expansion Is Creating a New Attack Surface Attackers Are Already Exploiting Read More »

Cyble Recognized in the 2026 Gartner® Magic Quadrant™ for Cyberthreat Intelligence Technologies — and What Cyble Feels It Means for the Next Era of Threat Intel

cyber news / SecurityTicks

Cyble Recognized in the 2026 Gartner® Magic Quadrant™ for Cyberthreat Intelligence Technologies — and What Cyble Feels It Means for the Next Era of Threat Intel 2026-05-07 at 13:26 By Keethana Cyble This morning, Cyble was recognized in the 2026 Gartner® Magic Quadrant™ for Cyberthreat Intelligence Technologies as a Challenger. I want to use this post for two things. First, to thank the people who got us here. Second,

Cyble Recognized in the 2026 Gartner® Magic Quadrant™ for Cyberthreat Intelligence Technologies — and What Cyble Feels It Means for the Next Era of Threat Intel Read More »

Third-Party Breaches Without Breaches: How Attackers Use Trusted Access to Bypass US Enterprise Defenses

attack surface management, cyber news, data breach / SecurityTicks

Third-Party Breaches Without Breaches: How Attackers Use Trusted Access to Bypass US Enterprise Defenses 2026-05-06 at 18:37 By Ashish Khaitan The modern enterprise is no longer breached in the traditional sense. Firewalls remain intact; endpoints appear compliant, and credentials are often never “stolen” in the usual way. Yet attackers still get in—and stay in. The difference lies

Third-Party Breaches Without Breaches: How Attackers Use Trusted Access to Bypass US Enterprise Defenses Read More »

Cyble Named a Challenger in the 2026 Gartner® Magic Quadrant™ for Cyber Threat Intelligence

cyber news / SecurityTicks

Cyble Named a Challenger in the 2026 Gartner® Magic Quadrant™ for Cyber Threat Intelligence 2026-05-04 at 21:07 By Cyble Recognized for Completeness of Vision and Ability to Execute We are excited to share that Cyble has been recognized as a Challenger in the 2026 Gartner® Magic Quadrant™ for Cyber Threat Intelligence. Check back for a

Cyble Named a Challenger in the 2026 Gartner® Magic Quadrant™ for Cyber Threat Intelligence Read More »

The Week in Vulnerabilities: GitHub Enterprise, Argo CD, Oracle Identity Manager, and Mozilla Security Flaws

cyber news, vulnerability, vulnerability management / SecurityTicks

The Week in Vulnerabilities: GitHub Enterprise, Argo CD, Oracle Identity Manager, and Mozilla Security Flaws 2026-04-30 at 16:45 By Ashish Khaitan The latest weekly vulnerability Insights report to clients by Cyble provides a detailed view of vulnerabilities tracked between April 15, 2026, and April 21, 2026. The findings highlight a slight dip in overall disclosures compared to the previous week, but the persistence

The Week in Vulnerabilities: GitHub Enterprise, Argo CD, Oracle Identity Manager, and Mozilla Security Flaws Read More »

How Cyble Blaze AI Turns Billions of Threat Signals into Actionable Intelligence

AI in Cybersecurity, cyber news, Threat Intelligence / SecurityTicks

How Cyble Blaze AI Turns Billions of Threat Signals into Actionable Intelligence 2026-04-29 at 16:13 By Ashish Khaitan Modern cyberattacks no longer follow predictable patterns or slow timelines. They unfold at machine speed, often moving from initial access to data exfiltration in minutes. In this environment, security teams face a paradox: they are surrounded by vast amounts

How Cyble Blaze AI Turns Billions of Threat Signals into Actionable Intelligence Read More »

ANZ Organizations Are in the Ransomware Crosshairs— What the Dark Web Is Telling Us

ANZ, cyber news, Ransomware, Ransomware Insights, Threat Actor, Threat Intelligence / SecurityTicks

ANZ Organizations Are in the Ransomware Crosshairs— What the Dark Web Is Telling Us 2026-04-28 at 14:02 By Ashish Khaitan The conversation around ANZ ransomware threats has shifted noticeably over the past year. What once looked like sporadic, high-profile incidents has evolved into a sustained and structured campaign against organizations across Australia and New Zealand. Signals emerging from underground forums

ANZ Organizations Are in the Ransomware Crosshairs— What the Dark Web Is Telling Us Read More »

Why U.S. Critical Infrastructure Is the Highest-Value Target in the Global Cyber War

america, cyber news, Cyberwarfare / SecurityTicks

Why U.S. Critical Infrastructure Is the Highest-Value Target in the Global Cyber War 2026-04-27 at 20:43 By Ashish Khaitan The idea that cyber conflict operates quietly in the background no longer holds. What used to be a shadow contest of espionage and occasional disruption has evolved into something far more direct and consequential. Today, the cyber war on

Why U.S. Critical Infrastructure Is the Highest-Value Target in the Global Cyber War Read More »

Operation TrustTrap: Anatomy of a Large-Scale Deceptive Domain Spoofing Campaign

cyber news / SecurityTicks

Operation TrustTrap: Anatomy of a Large-Scale Deceptive Domain Spoofing Campaign 2026-04-24 at 16:24 By rohansinhacyblecom Executive Summary Cyble Research and Intelligence Labs (CRIL) identified a campaign of over 16,800 malicious domains active since early 2026. It uses a potent technique — embedding government labels as subdomains to fake trust without DNS authority. We have dubbed

Operation TrustTrap: Anatomy of a Large-Scale Deceptive Domain Spoofing Campaign Read More »

Why AI Cybersecurity Is No Longer Optional for Australian Organizations: Moving from Reactive to Predictive Defense

AI in Cybersecurity, ANZ, cyber news, Threat Intelligence / SecurityTicks

Why AI Cybersecurity Is No Longer Optional for Australian Organizations: Moving from Reactive to Predictive Defense 2026-04-23 at 16:07 By Ashish Khaitan Cybersecurity is no longer a luxury or an afterthought for Australian organizations; it is a necessity. The scale and complexity of cyberattacks have reached unprecedented levels, and businesses, government bodies, and critical infrastructure

Why AI Cybersecurity Is No Longer Optional for Australian Organizations: Moving from Reactive to Predictive Defense Read More »

Why Indian Enterprises Are a Prime Target for Dark Web Credential Markets

cyber news, Dark Web Monitoring, darkweb, Threat Intelligence / SecurityTicks

Why Indian Enterprises Are a Prime Target for Dark Web Credential Markets 2026-04-22 at 13:48 By Ashish Khaitan The underground economy of stolen credentials has matured into a structured, high-volume marketplace, and Indian enterprises are at the center. What makes this trend notable is not just the scale of cyber incidents in India, but the

Why Indian Enterprises Are a Prime Target for Dark Web Credential Markets Read More »

Threat Landscape March 2026: Ransomware Dominance, Access Brokers, Data Leaks, and Critical Exploitation Trends

cyber news, cybersecurity, data breach, Data leak, Ransomware, Threat Intelligence, Threat Landscape Reports, vulnerability / SecurityTicks

Threat Landscape March 2026: Ransomware Dominance, Access Brokers, Data Leaks, and Critical Exploitation Trends 2026-04-20 at 14:37 By Mihir Bagwe Cyble Research & Intelligence Labs (CRIL) in its monthly threat landscape analysis observed a highly active threat environment throughout March 2026, shaped by large-scale ransomware campaigns, persistent data breach activity, growing initial access brokerage markets,

Threat Landscape March 2026: Ransomware Dominance, Access Brokers, Data Leaks, and Critical Exploitation Trends Read More »

Four Nationally Significant Cyberattacks Every Week — Is the UK Ready?

cyber news, cyberattack, EU, Threat Intelligence / SecurityTicks

Four Nationally Significant Cyberattacks Every Week — Is the UK Ready? 2026-04-17 at 17:52 By Ashish Khaitan The tempo of UK cyberattacks has shifted from sporadic disruption to something far more systemic. When incidents reach a frequency of four national events each week, the issue stops being purely technical and becomes structural. It raises a more uncomfortable

Four Nationally Significant Cyberattacks Every Week — Is the UK Ready? Read More »

The Week in Vulnerabilities: Azure AI, Spring AI, Fortinet, and Critical ICS Exposure

cyber news, Threat Intelligence, vulnerability, vulnerability management, Weekly Vulnerability Report / SecurityTicks

The Week in Vulnerabilities: Azure AI, Spring AI, Fortinet, and Critical ICS Exposure 2026-04-16 at 15:04 By Mihir Bagwe Cyble Research & Intelligence Labs (CRIL) in its weekly vulnerability report tracked 1,431 bugs last week. Of these, over 270 vulnerabilities have publicly available Proof-of-Concept (PoC) exploits, significantly accelerating exploitation timelines and increasing real-world attack likelihood.

The Week in Vulnerabilities: Azure AI, Spring AI, Fortinet, and Critical ICS Exposure Read More »

How Cyble Blaze AI Delivers 360° Threat Visibility Across Dark Web and Enterprise Systems

AI in Cybersecurity, cyber news, Cyberwarfare, Threat Intelligence / SecurityTicks

How Cyble Blaze AI Delivers 360° Threat Visibility Across Dark Web and Enterprise Systems 2026-04-15 at 16:17 By Ashish Khaitan Modern cybersecurity no longer suffers from a lack of data; it suffers too much of it, scattered across systems that rarely speak the same language. Security teams today must monitor endpoints, cloud workloads, SaaS applications, and an ever-expanding universe

How Cyble Blaze AI Delivers 360° Threat Visibility Across Dark Web and Enterprise Systems Read More »

MiningDropper – A Global Modular Android Malware Campaign Operating at Scale

cyber news / SecurityTicks

MiningDropper – A Global Modular Android Malware Campaign Operating at Scale 2026-04-15 at 16:07 By rohansinhacyblecom Executive Summary Cyble Research and Intelligence Labs (CRIL) has been monitoring a significant surge in the use of “MiningDropper”, a sophisticated Android malware delivery framework that combines cryptocurrency mining capabilities with the deployment of infostealers, Remote Access Trojans (RATs),

MiningDropper – A Global Modular Android Malware Campaign Operating at Scale Read More »