PM This week in cybersecurity: botnets, RCE flaws, AI-driven attacks, stealers, and more. Fast, no-fluff roundup.

Over 1,000 exposed ComfyUI instances exploited via unauthenticated code execution, enabling Monero mining and botnet expansion.

The financially motivated cybercriminal threat actor Storm-1175 operates high-velocity ransomware campaigns that weaponize ...

A new wave of device code phishing shows how threat actors are scaling account compromise using AI and end‑to‑end automation.

Overview Recently, NSFOCUS Technology CERT detected that the GitHub community disclosed that there was a credential stealing program in the new version of LiteLLM. Analysis confirmed that it had ...

This is an updated version of our DDOS script written in Python incorporating Selenium ran in command line. It allows us to simulate DDoS attacks through single IP and multiple-IP (IP spoofing) ...

This article was updated with additional resources and commentary on March 5, 2026. Hospitals, health systems and other healthcare organizations nationwide face real risks in the form of retaliation ...

Wikipedia editors have decided to remove all links to Archive.today, a web archiving service that they said has been linked to more than 695,000 times across the online encyclopedia. Archive.today — ...

The English-language edition of Wikipedia is blacklisting Archive.today after the controversial archive site was used to direct a distributed denial of service (DDoS) attack against a blog. In the ...

The FTC first sued Express Scripts, CVS Caremark, and Optum in 2024, claiming anticompetitive and unfair rebating practices surrounding insulin. “Caremark, [Express Scripts], and Optum—as medication ...