Blog archive

Nation-State Hackers Deploy New Airstalk Malware in Suspected Supply Chain Attack

A suspected nation-state threat actor has been linked to the distribution of a new malware...

31
Oct
China-Linked Hackers Exploit Windows Shortcut Flaw to Target European Diplomats

A China-affiliated threat actor known as UNC6384 has been linked to a fresh set of...

31
Oct
China-Linked Tick Group Exploits Lanscope Zero-Day to Hijack Corporate Systems

The exploitation of a recently disclosed critical security flaw in Motex Lanscope Endpoint Manager has...

31
Oct
The MSP Cybersecurity Readiness Guide: Turning Security into Growth

MSPs are facing rising client expectations for strong cybersecurity and compliance outcomes, while threats grow...

31
Oct
CISA and NSA Issue Urgent Guidance to Secure WSUS and Microsoft Exchange Servers

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and National Security Agency (NSA), along with...

31
Oct
Eclipse Foundation Revokes Leaked Open VSX Tokens Following Wiz Discovery

Eclipse Foundation, which maintains the open-source Open VSX project, said it has taken steps to...

31
Oct
CISA Flags VMware Zero-Day Exploited by China-Linked Hackers in Active Attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a high-severity security flaw...

31
Oct
A New Security Layer for macOS Takes Aim at Admin Errors Before Hackers Do

A design firm is editing a new campaign video on a MacBook Pro. The creative...

31
Oct
Google’s Built-In AI Defenses on Android Now Block 10 Billion Scam Messages a Month

Google on Thursday revealed that the scam defenses built into Android safeguard users around the...

30
Oct
Russian Ransomware Gangs Weaponize Open-Source AdaptixC2 for Advanced Attacks

The open-source command-and-control (C2) framework known as AdaptixC2 is being used by a growing number...

30
Oct
New “Brash” Exploit Crashes Chromium Browsers Instantly with a Single Malicious URL

A severe vulnerability disclosed in Chromium’s Blink rendering engine can be exploited to crash many...

30
Oct
The Death of the Security Checkbox: BAS Is the Power Behind Real Defense

Security doesn’t fail at the point of breach. It fails at the point of impact. ...

30
Oct
ThreatsDay Bulletin: DNS Poisoning Flaw, Supply-Chain Heist, Rust Malware Trick and New RATs Rising

The comfort zone in cybersecurity is gone. Attackers are scaling down, focusing tighter, and squeezing...

30
Oct
PhantomRaven Malware Found in 126 npm Packages Stealing GitHub Tokens From Devs

Cybersecurity researchers have uncovered yet another active software supply chain attack campaign targeting the npm...

30
Oct
Experts Reports Sharp Increase in Automated Botnet Attacks Targeting PHP Servers and IoT Devices

Cybersecurity researchers are calling attention to a spike in automated attacks targeting PHP servers, IoT...

29
Oct
New AI-Targeted Cloaking Attack Tricks AI Crawlers Into Citing Fake Info as Verified Facts

Cybersecurity researchers have flagged a new security issue in agentic web browsers like OpenAI ChatGPT...

29
Oct
Preparing for the Digital Battlefield of 2026: Ghost Identities, Poisoned Accounts, & AI Agent Havoc

BeyondTrust’s annual cybersecurity predictions point to a year where old defenses will fail quietly, and...

29
Oct
Russian Hackers Target Ukrainian Organizations Using Stealthy Living-Off-the-Land Tactics

Organizations in Ukraine have been targeted by threat actors of Russian origin with an aim...

29
Oct
Discover Practical AI Tactics for GRC — Join the Free Expert Webinar

Artificial Intelligence (AI) is rapidly transforming Governance, Risk, and Compliance (GRC). It’s no longer a...

29
Oct
10 npm Packages Caught Stealing Developer Credentials on Windows, macOS, and Linux

Cybersecurity researchers have discovered a set of 10 malicious npm packages that are designed to...

29
Oct
Active Exploits Hit Dassault and XWiki — CISA Confirms Critical Flaws Under Attack

Threat actors are actively exploiting multiple security flaws impacting Dassault Systèmes DELMIA Apriso and XWiki,...

29
Oct
New TEE.Fail Side-Channel Attack Extracts Secrets from Intel and AMD DDR5 Secure Enclaves

A group of academic researchers from Georgia Tech, Purdue University, and Synkhronix have developed a...

28
Oct
New Android Trojan ‘Herodotus’ Outsmarts Anti-Fraud Systems by Typing Like a Human

Cybersecurity researchers have disclosed details of a new Android banking trojan called Herodotus that has...

28
Oct
Researchers Expose GhostCall and GhostHire: BlueNoroff’s New Malware Chains

Threat actors tied to North Korea have been observed targeting the Web3 and blockchain sectors...

28
Oct
Why Early Threat Detection Is a Must for Long-Term Business Growth

In cybersecurity, speed isn’t just a win — it’s a multiplier. The faster you learn...

28
Oct
Is Your Google Workspace as Secure as You Think it is?

The New Reality for Lean Security Teams If you’re the first security or IT hire...

28
Oct
Chrome Zero-Day Exploited to Deliver Italian Memento Labs’ LeetAgent Spyware

The zero-day exploitation of a now-patched security flaw in Google Chrome led to the distribution...

28
Oct
SideWinder Adopts New ClickOnce-Based Attack Chain Targeting South Asian Diplomats

A European embassy located in the Indian capital of New Delhi, as well as multiple...

28
Oct
X Warns Users With Security Keys to Re-Enroll Before November 10 to Avoid Lockouts

Social media platform X is urging users who have enrolled for two-factor authentication (2FA) using...

27
Oct
New ChatGPT Atlas Browser Exploit Lets Attackers Plant Persistent Hidden Commands

Cybersecurity researchers have discovered a new vulnerability in OpenAI’s ChatGPT Atlas web browser that could...

27
Oct