Blog archive

Storm-1977 Hits Education Clouds with AzureChecker, Deploys 200+ Crypto Mining Containers

Microsoft has revealed that a threat actor it tracks as Storm-1977 has conducted password spraying...

27
Apr
ToyMaker Uses LAGTOY to Sell Access to CACTUS Ransomware Gangs for Double Extortion

Cybersecurity researchers have detailed the activities of an initial access broker (IAB) dubbed ToyMaker that...

26
Apr
North Korean Hackers Spread Malware via Fake Crypto Firms and Job Interview Lures

North Korea-linked threat actors behind the Contagious Interview have set up front companies as a...

25
Apr
SAP Confirms Critical NetWeaver Flaw Amid Suspected Zero-Day Exploitation by Hackers

Threat actors are likely exploiting a new vulnerability in SAP NetWeaver to upload JSP web...

25
Apr
Why NHIs Are Security’s Most Dangerous Blind Spot

When we talk about identity in cybersecurity, most people think of usernames, passwords, and the...

25
Apr
Researchers Identify Rack::Static Vulnerability Enabling Data Breaches in Ruby Servers

Cybersecurity researchers have disclosed three security flaws in the Rack Ruby web server interface that,...

25
Apr
DslogdRAT Malware Deployed via Ivanti ICS Zero-Day CVE-2025-0282 in Japan Attacks

Cybersecurity researchers are warning about a new malware called DslogdRAT that’s installed following the exploitation...

25
Apr
Lazarus Hits 6 South Korean Firms via Cross EX, Innorix Zero-Day and ThreatNeedle Malware

At least six organizations in South Korea have been targeted by the prolific North Korea-linked...

24
Apr
Linux io_uring PoC Rootkit Bypasses System Call-Based Threat Detection Tools

Cybersecurity researchers have demonstrated a proof-of-concept (PoC) rootkit dubbed Curing that leverages a Linux asynchronous...

24
Apr
159 CVEs Exploited in Q1 2025 — 28.3% Within 24 Hours of Disclosure

As many as 159 CVE identifiers have been flagged as exploited in the wild in...

24
Apr
Darcula Adds GenAI to Phishing Toolkit, Lowering the Barrier for Cybercriminals

The threat actors behind the Darcula phishing-as-a-service (PhaaS) platform have released new updates to their...

24
Apr
Automating Zero Trust in Healthcare: From Risk Scoring to Dynamic Policy Enforcement Without Network Redesign

The Evolving Healthcare Cybersecurity Landscape  Healthcare organizations face unprecedented cybersecurity challenges in 2025. With operational...

24
Apr
Critical Commvault Command Center Flaw Enables Attackers to Execute Code Remotely

A critical security flaw has been disclosed in the Commvault Command Center that could allow...

24
Apr
WhatsApp Adds Advanced Chat Privacy to Blocks Chat Exports and Auto-Downloads

WhatsApp has introduced an extra layer of privacy called Advanced Chat Privacy that allows users...

24
Apr
DPRK Hackers Steal $137M from TRON Users in Single-Day Phishing Attack

Multiple threat activity clusters with ties to North Korea (aka Democratic People’s Republic of Korea...

23
Apr
Iran-Linked Hackers Target Israel with MURKYTOUR Malware via Fake Job Campaign

The Iran-nexus threat actor known as UNC2428 has been observed delivering a backdoor known as...

23
Apr
Android Spyware Disguised as Alpine Quest App Targets Russian Military Devices

Cybersecurity researchers have revealed that Russian military personnel are the target of a new malicious...

23
Apr
Three Reasons Why the Browser is Best for Stopping Phishing Attacks

Phishing attacks remain a huge challenge for organizations in 2025. In fact, with attackers increasingly...

23
Apr
Russian Hackers Exploit Microsoft OAuth to Target Ukraine Allies via Signal and WhatsApp

Multiple suspected Russia-linked threat actors are “aggressively” targeting individuals and organizations with ties to Ukraine...

23
Apr
Ripple’s xrpl.js npm Package Backdoored to Steal Private Keys in Major Supply Chain Attack

The Ripple cryptocurrency npm JavaScript library named xrpl.js has been compromised by unknown threat actors...

23
Apr
Google Drops Cookie Prompt in Chrome, Adds IP Protection to Incognito

Google on Tuesday revealed that it will no longer offer a standalone prompt for third-party...

23
Apr
Docker Malware Exploits Teneo Web3 Node to Earn Crypto via Fake Heartbeat Signals

Cybersecurity researchers have detailed a malware campaign that’s targeting Docker environments with a previously undocumented...

22
Apr
GCP Cloud Composer Bug Let Attackers Elevate Access via Malicious PyPI Packages

Cybersecurity researchers have detailed a now-patched vulnerability in Google Cloud Platform (GCP) that could have...

22
Apr
Listening Beyond Hearing: Thriving as a Disabled Professional at SECOM (Part 2)

At SECOM, the diversity of our team allows more realistic testing for clients. There is...

22
Apr
5 Major Concerns With Employees Using The Browser

As SaaS and cloud-native work reshape the enterprise, the web browser has emerged as the...

22
Apr
Phishers Exploit Google Sites and DKIM Replay to Send Signed Emails, Steal Credentials

In what has been described as an “extremely sophisticated phishing attack,” threat actors have leveraged...

22
Apr
Microsoft Secures MSA Signing with Azure Confidential VMs Following Storm-0558 Breach

Microsoft on Monday announced that it has moved the Microsoft Account (MSA) signing service to...

22
Apr
Lotus Panda Hacks SE Asian Governments With Browser Stealers and Sideloaded Malware

The China-linked cyber espionage group tracked as Lotus Panda has been attributed to a campaign...

22
Apr
Kimsuky Exploits BlueKeep RDP Vulnerability to Breach Systems in South Korea and Japan

Cybersecurity researchers have flagged a new malicious campaign related to the North Korean state-sponsored threat...

21
Apr
SuperCard X Android Malware Enables Contactless ATM and PoS Fraud via NFC Relay Attacks

A new Android malware-as-a-service (MaaS) platform named SuperCard X can facilitate near-field communication (NFC) relay...

21
Apr