• Residential proxies make a mockery of IP-based defenses
• Product showcase: Proton Authenticator is an end-to-end encrypted, open source 2FA app
• IT talent looks the other way as wireless security incidents pile up
• CISOs grapple with AI demands within flat budgets
• FortiClient EMS zero-day exploited, emergency hotfixes available (CVE-2026-35616)
• Cisco IMC auth bypass vulnerability allows attackers to alter user passwords (CVE-2026-20093)
• Claude Code source leak exploited to spread malware
• New Phishing Platform Used in Credential Theft Campaigns Against C-Suite Execs
• New 'Storm' Infostealer Remotely Decrypts Stolen Credentials
• NCSC Issues Security Alert Over Hackers Targeting WhatsApp and Signal Accounts
• Apple Expands iOS 18 Security Updates Amid DarkSword Threat
• Researchers Observe Sub-One-Hour Ransomware Attacks
• GitHub Used as Covert Channel in Multi-Stage Malware Campaign
• Most CNI Firms Face Up to £5m in Downtime from OT Attacks
• Google Introduces Android Dev Verification Amid Openness Debate
• New Venom Stealer MaaS Platform Automates Continuous Data Theft
• Chinese Hackers Target European Governments in Espionage Campaigns
• Eight in 10 UK Manufacturers Hit by Cyber Incident in a Year
• Hackers Hijack Axios npm Package to Spread RATs
• Maryland Man Charged Over $53m Uranium Finance Crypto Hack
• Phantom Project Bundles Infostealer, Crypter and RAT For Sale
• ChatGPT Security Issue Enabled Data Theft via Single Prompt

Attack traffic moved through ordinary home and mobile connections in ways that limited the usefulness of IP reputation on its own. GreyNoise observed 4 billion malicious sessions during a 90-day period and described activity that appeared indistinguishable from normal user traffic at the network level. Residential proxies routed traffic through consumer broadband, mobile data, and small-business connections. These same IP ranges were used by employees, customers, and partners, which made it difficult to separate malicious …