Xcitium Logo
170M+ Exposed: Why AT&T’s Old Data Is Today’s Security Nightmare
170M+ Exposed: Why AT&T’s Old Data Is Today’s Security Nightmare

Recently, a large dataset associated with AT&T has re-emerged, validating that time does not...

Chinese APT Lotus Blossom Hijacks Notepad++ in Stealth Espionage Attack
Chinese APT Lotus Blossom Hijacks Notepad++ in Stealth Espionage Attack

The popular code editor Notepad++ was recently at the center of a stealth cyber-espionage incident....

Trust Under Fire: How Hackers Are Using Hugging Face to Spread Android Malware
Trust Under Fire: How Hackers Are Using Hugging Face to Spread Android Malware

Find out how cybercriminals are using Hugging Face to spread thousands of Android malware variants....

How ShinyHunters Use Vishing to Breach Enterprise SSO and Steal Cloud Data
How ShinyHunters Use Vishing to Breach Enterprise SSO and Steal Cloud Data

Discover how the ShinyHunters group uses sophisticated vishing and SSO abuse to bypass MFA and...

The Alarming Reality: 175,000 Ollama AI Servers Exposed Globally
The Alarming Reality: 175,000 Ollama AI Servers Exposed Globally

Discover how 175,000 Ollama AI servers are publicly exposed across 130 countries, posing...

Critical Telnet Flaw Exposes 800,000+ Servers to Remote Root Access
Critical Telnet Flaw Exposes 800,000+ Servers to Remote Root Access

An authentication bypass (CVE-2026-24061) has left nearly 800,000 Telnet servers vulnerable....

DevMan Ransomware: The Rise of DragonForce’s Successor
DevMan Ransomware: The Rise of DragonForce’s Successor

DevMan Ransomware is rapidly emerging as a highly active threat. Explore its Conti roots, evolving...

Unmasking Sneaky 2FA: How Modern Phishing Kits Bypass MFA in 2026
Unmasking Sneaky 2FA: How Modern Phishing Kits Bypass MFA in 2026

Discover how the Sneaky 2FA phishing kit uses AiTM and BitB techniques to bypass multi-factor...

ClawdBot Security Flaw Exposes 900+ AI Gateways Worldwide
ClawdBot Security Flaw Exposes 900+ AI Gateways Worldwide

Over 900 ClawdBot AI assistant instances exposed online, leaking API keys and private chats. Learn...