Tag Archives: it security

New .NET CAPI Backdoor Targets Russian Auto and E-Commerce Firms via Phishing ZIPs

Cybersecurity researchers have shed light on a new campaign that has likely targeted the Russian...

18
Oct
Silver Fox Expands Winos 4.0 Attacks to Japan and Malaysia via HoldingHands RAT

The threat actors behind a malware family known as Winos 4.0 (aka ValleyRAT) have expanded...

18
Oct
North Korean Hackers Combine BeaverTail and OtterCookie into Advanced JS Malware

The North Korean threat actor linked to the Contagious Interview campaign has been observed merging...

17
Oct
Common Cyber Attacks: Reducing the Impact
October 17, 2025

This white paper explains how basic security controls can protect organisations from the most common...

Identity Security: Your First and Last Line of Defense

The danger isn’t that AI agents have bad days — it’s that they never do....

17
Oct
Researchers Uncover WatchGuard VPN Bug That Could Let Attackers Take Over Devices

Cybersecurity researchers have disclosed details of a recently patched critical security flaw in WatchGuard Fireware...

17
Oct
Microsoft Revokes 200 Fraudulent Certificates Used in Rhysida Ransomware Campaign

Microsoft on Thursday disclosed that it revoked more than 200 certificates used by a threat...

17
Oct
North Korean Hackers Use EtherHiding to Hide Malware Inside Blockchain Smart Contracts

A threat actor with ties to the Democratic People’s Republic of Korea (aka North Korea)...

16
Oct
Hackers Abuse Blockchain Smart Contracts to Spread Malware via Infected WordPress Sites

A financially motivated threat actor codenamed UNC5142 has been observed abusing blockchain smart contracts as...

16
Oct
LinkPro Linux Rootkit Uses eBPF to Hide and Activates via Magic TCP Packets

An investigation into the compromise of an Amazon Web Services (AWS)-hosted infrastructure has led to...

16
Oct
Architectures, Risks, and Adoption: How to Assess and Choose the Right AI-SOC Platform

Scaling the SOC with AI – Why now?  Security Operations Centers (SOCs) are under unprecedented...

16
Oct
Hackers Deploy Linux Rootkits via Cisco SNMP Flaw in ‘Zero Disco’ Attacks

Cybersecurity researchers have disclosed details of a new campaign that exploited a recently disclosed security...

16
Oct
Beware the Hidden Costs of Pen Testing

Penetration testing helps organizations ensure IT systems are secure, but it should never be treated...

16
Oct
ThreatsDay Bulletin: $15B Crypto Bust, Satellite Spying, Billion-Dollar Smishing, Android RATs & More

The online world is changing fast. Every week, new scams, hacks, and tricks show how...

16
Oct
CISA Flags Adobe AEM Flaw with Perfect 10.0 Score — Already Under Active Attack

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw...

16
Oct
Chinese Threat Group ‘Jewelbug’ Quietly Infiltrated Russian IT Network for Months

A threat actor with ties to China has been attributed to a five-month-long intrusion targeting...

15
Oct
F5 Breach Exposes BIG-IP Source Code — Nation-State Hackers Behind Massive Intrusion

U.S. cybersecurity company F5 on Wednesday disclosed that unidentified threat actors broke into its systems...

15
Oct
Over 100 VS Code Extensions Exposed Developers to Hidden Supply Chain Risks

New research has uncovered that publishers of over 100 Visual Studio Code (VS Code) extensions...

15
Oct
How Attackers Bypass Synced Passkeys

TLDR Even if you take nothing else away from this piece, if your organization is...

15
Oct
Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped

Microsoft on Tuesday released fixes for a whopping 183 security flaws spanning its products, including...

15
Oct
Two CVSS 10.0 Bugs in Red Lion RTUs Could Hand Hackers Full Industrial Control

Cybersecurity researchers have disclosed two critical security flaws impacting Red Lion Sixnet remote terminal unit...

15
Oct
Hackers Target ICTBroadcast Servers via Cookie Exploit to Gain Remote Shell Access

Cybersecurity researchers have disclosed that a critical security flaw impacting ICTBroadcast, an autodialer software from...

15
Oct
New SAP NetWeaver Bug Lets Attackers Take Over Servers Without Login

SAP has rolled out security fixes for 13 new security issues, including additional hardening for...

15
Oct
Chinese Hackers Exploit ArcGIS Server as Backdoor for Over a Year

Threat actors with ties to China have been attributed to a novel campaign that compromised...

14
Oct
Moving Beyond Awareness: How Threat Hunting Builds Readiness

Every October brings a familiar rhythm – pumpkin-spice everything in stores and cafés, alongside a...

14
Oct
RMPocalypse: Single 8-Byte Write Shatters AMD’s SEV-SNP Confidential Computing

Chipmaker AMD has released fixes to address a security flaw dubbed RMPocalypse that could be...

14
Oct
New Pixnapping Android Flaw Lets Rogue Apps Steal 2FA Codes Without Permissions

Android devices from Google and Samsung have been found vulnerable to a side-channel attack that...

14
Oct
What AI Reveals About Web Applications— and Why It Matters

Before an attacker ever sends a payload, they’ve already done the work of understanding how...

14
Oct
npm, PyPI, and RubyGems Packages Found Sending Developer Data to Discord Channels

Cybersecurity researchers have identified several malicious packages across npm, Python, and Ruby ecosystems that leverage...

14
Oct
Researchers Expose TA585’s MonsterV2 Malware Capabilities and Attack Chain

Cybersecurity researchers have shed light on a previously undocumented threat actor called TA585 that has...

14
Oct