RH-ISAC Announces Keynote Speakers for 2026 Cybersecurity Summit

VIENNA, VA (12 February 2026) — The Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) has announced the keynote speakers for its annual Cybersecurity Summit, taking place 13-15 April 2026, in Austin, Texas. This annual event brings together cybersecurity professionals from the retail and hospitality sectors to discuss the current security landscape. 2026 Keynote…

Read More

Multiple Researchers Confirm Active Exploitation of SolarWinds Web Help Desk Instances

Summary Threat actors are actively exploiting critical vulnerabilities in internet-exposed SolarWinds Web Help Desk (WHD) instances to achieve unauthenticated remote code execution. These intrusions follow a high-impact pattern where a single unpatched application serves as a gateway for lateral movement and full domain compromise. Once inside, attackers deploy a mix of legitimate remote monitoring tools and…

Read More

Singapore Government Reports Technical Details of Telecom Targeting by Alleged Chinese State-Backed Threat Group

Executive Summary On 9 February 2026, Singapore authorities confirmed that the China-linked cyber espionage group UNC3886 conducted a deliberate, targeted, and well-planned operation against all four of the country’s major telecommunications operators: M1, SIMBA Telecom, Singtel, and StarHub. Threat Actor Profile UNC3886 is reported as a highly disciplined and stealthy state-linked threat actor. The group targets strategic organizations…

Read More

RH-ISAC Unveils 2025 Year in Review

VIENNA, VA (27 January 2026) —The Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) today announced the release of its 2025 Year in Review report. The report details a landmark year of expansion, featuring continued growth in membership numbers, the launch of critical fraud-fighting initiatives, and a strengthened global footprint across the Americas, Asia Pacific,…

Read More

Fortinet Confirms Active FortiCloud SSO Bypass on Fully Patched FortiGate Firewalls for CVE-2025-59718 and CVE-2025-59719

Summary A newly identified cluster of automated malicious activity is targeting Fortinet FortiGate appliances by exploiting an unauthenticated Single Sign-On (SSO) bypass, according to new intelligence from Arctic Wolf. Commencing in January 2026, threat actors have successfully compromised devices even after the application of patches for CVE-2025-59718 and CVE-2025-59719, indicating a new attack path or incomplete remediation. The automated…

Read More

Okta Warns Users of Custom Vishing Kits Potentially Affiliated with ShinyHunters

Executive Summary Okta has issued a warning about sophisticated vishing (voice-based social engineering) attacks targeting single sign-on (SSO) credentials. Threat actors are using custom phishing kits designed specifically for real-time voice call interactions to steal Okta SSO credentials and conduct data theft operations. These attacks are currently active and targeting companies in the Fintech, financial, and…

Read More

Securonix Warns of PHALT#BLYX Malware Campaign Targeting Hospitality Sector via Fake Bookings

Summary Securonix researchers have identified a new malware campaign, dubbed PHALT#BLYX, actively targeting the hospitality sector with a multi-stage infection chain. Threat actors leverage a “ClickFix” social engineering tactic, using fake reservation emails and deceptive “Blue Screen of Death” (BSOD) pages to deceive victims into executing malicious PowerShell commands. This campaign notably bypasses defenses by…

Read More