Xcitium Logo
Docker CVE-2026-34040: AuthZ Bypass Enables Host Compromise
Docker CVE-2026-34040: AuthZ Bypass Enables Host Compromise

High-severity flaw found in Docker Engine (CVE-2026-34040), where attackers may bypass container...

Iranian APT Group Hacks PLCs Across US Critical Infrastructure
Iranian APT Group Hacks PLCs Across US Critical Infrastructure

Recently, a joint alert was released by several agencies including FBI, CISA, and NSA, among...

Storm-1175 and Medusa Ransomware: High-Speed Zero-Day Exploitation
Storm-1175 and Medusa Ransomware: High-Speed Zero-Day Exploitation

Lightning-Fast Ransomware Breaches Storm-1175 is a Chinese cybercriminal group behind Medusa...

FBI Surveillance System Breach Labeled a “Major Incident”
FBI Surveillance System Breach Labeled a “Major Incident”

Recently, it was officially reported by the FBI that their internal wiretap network was breached...

LinkedIn Account Attack Alert: Fake Violation Phishing Puts 1.2B Users at Risk
LinkedIn Account Attack Alert: Fake Violation Phishing Puts 1.2B Users at Risk

Phishing attacks have been initiated against LinkedIn, wherein the perpetrators have targeted...

The EDR Era Ends with AI, Xcitium Starts the Post-EDR Era
The EDR Era Ends with AI, Xcitium Starts the Post-EDR Era

Endpoint security has evolved significantly over the last 30 years. The earliest antivirus systems...

EvilTokens And Microsoft Device Code Phishing: Why OAuth Token Theft Is Scaling Fast
EvilTokens And Microsoft Device Code Phishing: Why OAuth Token Theft Is Scaling Fast

The EvilTokens approach is taking the Microsoft device code phishing into a more ‘productized’...

Axios npm Supply Chain Compromise: How A Trusted Dependency Became A Cross-Platform Backdoor
Axios npm Supply Chain Compromise: How A Trusted Dependency Became A Cross-Platform Backdoor

One of the most popular HTTP client libraries in use, Axios, with more than 100 million weekly...

DeepLoad Malware Uses ClickFix and WMI Persistence to Steal Browser Credentials
DeepLoad Malware Uses ClickFix and WMI Persistence to Steal Browser Credentials

Why This DeepLoad Campaign Stands Out DeepLoad is a newly observed malware loader that shows a...