Blog archive

Researchers Uncover Batavia Windows Spyware Stealing Documents from Russian Firms

Russian organizations have been targeted as part of an ongoing campaign that delivers a previously...

08
Jul
CISA Adds Four Critical Vulnerabilities to KEV Catalog Due to Active Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added four security flaws to...

08
Jul
SEO Poisoning Campaign Targets 8,500+ SMB Users with Malware Disguised as AI Tools

Cybersecurity researchers have disclosed a malicious campaign that leverages search engine optimization (SEO) poisoning techniques...

07
Jul
Legal Metrology Meets the Digital Age
July 7, 2025

The days when a telephone was just a device to make phone calls are long...

âš¡ Weekly Recap: Chrome 0-Day, Ivanti Exploits, MacOS Stealers, Crypto Heists and More

Everything feels secure—until one small thing slips through. Even strong systems can break if a...

07
Jul
Manufacturing Security: Why Default Passwords Must Go

If you didn’t hear about Iranian hackers breaching US water facilities, it’s because they only managed...

07
Jul
TAG-140 Deploys DRAT V2 RAT, Targeting Indian Government, Defense, and Rail Sectors

A hacking group with ties other than Pakistan has been found targeting Indian government organizations...

07
Jul
Taiwan NSB Alerts Public on Data Risks from TikTok, Weibo, and RedNote Over China Ties

Taiwan’s National Security Bureau (NSB) has warned that China-developed applications like RedNote (aka Xiaohongshu), Weibo,...

05
Jul
Alert: Exposed JDWP Interfaces Lead to Crypto Mining, Hpingbot Targets SSH for DDoS

Threat actors are weaponizing exposed Java Debug Wire Protocol (JDWP) interfaces to obtain code execution...

05
Jul
NightEagle APT Exploits Microsoft Exchange Flaw to Target China’s Military and Tech Sectors

Cybersecurity researchers have shed light on a previously undocumented threat actor called NightEagle (aka APT-Q-95)...

04
Jul
Your AI Agents Might Be Leaking Data — Watch this Webinar to Learn How to Stop It

Generative AI is changing how businesses work, learn, and innovate. But beneath the surface, something...

04
Jul
Critical Sudo Vulnerabilities Let Local Users Gain Root Access on Linux, Impacting Major Distros

Cybersecurity researchers have disclosed two security flaws in the Sudo command-line utility for Linux and...

04
Jul
Google Ordered to Pay $314M for Misusing Android Users’ Cellular Data Without Permission

Google has been ordered by a court in the U.S. state of California to pay...

04
Jul
Massive Android Fraud Operations Uncovered: IconAds, Kaleidoscope, SMS Malware, NFC Scams

A mobile ad fraud operation dubbed IconAds that consisted of 352 Android apps has been...

03
Jul
Over 40 Malicious Firefox Extensions Target Cryptocurrency Wallets, Stealing User Assets

Cybersecurity researchers have uncovered over 40 malicious browser extensions for Mozilla Firefox that are designed...

03
Jul
The Hidden Weaknesses in AI SOC Tools that No One Talks About

If you’re evaluating AI-powered SOC platforms, you’ve likely seen bold claims: faster triage, smarter remediation,...

03
Jul
Chinese Hackers Exploit Ivanti CSA Zero-Days in Attacks on French Government, Telecoms

The French cybersecurity agency on Tuesday revealed that a number of entities spanning governmental, telecommunications,...

03
Jul
Critical Cisco Vulnerability in Unified CM Grants Root Access via Static Credentials

Cisco has released security updates to address a maximum-severity security flaw in Unified Communications Manager...

03
Jul
North Korean Hackers Target Web3 with Nim Malware and Use ClickFix in BabyShark Campaign

Threat actors with ties to North Korea have been observed targeting Web3 and cryptocurrency-related businesses...

02
Jul
That Network Traffic Looks Legit, But it Could be Hiding a Serious Threat

With nearly 80% of cyber threats now mimicking legitimate user behavior, how are top SOCs...

02
Jul
Hackers Using PDFs to Impersonate Microsoft, DocuSign, and More in Callback Phishing Campaigns

Cybersecurity researchers are calling attention to phishing campaigns that impersonate popular brands and trick targets...

02
Jul
U.S. Sanctions Russian Bulletproof Hosting Provider for Supporting Cybercriminals Behind Ransomware

The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has levied sanctions...

02
Jul
Vercel’s v0 AI Tool Weaponized by Cybercriminals to Rapidly Create Fake Login Pages at Scale

Unknown threat actors have been observed weaponizing v0, a generative artificial intelligence (AI) tool from...

02
Jul
Critical Vulnerability in Anthropic’s MCP Exposes Developer Machines to Remote Exploits

Cybersecurity researchers have discovered a critical security vulnerability in artificial intelligence (AI) company Anthropic’s Model...

01
Jul
TA829 and UNK_GreenSec Share Tactics and Infrastructure in Ongoing Malware Campaigns

Cybersecurity researchers have flagged the tactical similarities between the threat actors behind the RomCom RAT...

01
Jul
New Flaw in IDEs Like Visual Studio Code Lets Malicious Extensions Bypass Verified Status

A new study of integrated development environments (IDEs) like Microsoft Visual Studio Code, Visual Studio,...

01
Jul
A New Maturity Model for Browser Security: Closing the Last-Mile Risk

Despite years of investment in Zero Trust, SSE, and endpoint protection, many enterprises are still...

01
Jul
Google Patches Critical Zero-Day Flaw in Chrome’s V8 Engine After Active Exploitation

Google has released security updates to address a vulnerability in its Chrome browser for which...

01
Jul
U.S. Arrests Key Facilitator in North Korean IT Worker Scheme, Seizes $7.74 Million

The U.S. Department of Justice (DoJ) on Monday announced sweeping actions targeting the North Korean...

01
Jul
Microsoft Removes Password Management from Authenticator App Starting August 2025

Microsoft has said that it’s ending support for passwords in its Authenticator app starting August...

01
Jul