Tag Archives: it security

Strengthening national cyber resilience through observability and threat hunting
October 8, 2025

How organisations can improve their ability to both detect and discover cyber threats....

BatShadow Group Uses New Go-Based ‘Vampire Bot’ Malware to Hunt Job Seekers

A Vietnamese threat actor named BatShadow has been attributed to a new campaign that leverages...

07
Oct
Google’s New AI Doesn’t Just Find Vulnerabilities — It Rewrites Code to Patch Them

Google’s DeepMind division on Monday announced an artificial intelligence (AI)-powered agent called CodeMender that automatically...

07
Oct
New Research: AI Is Already the #1 Data Exfiltration Channel in the Enterprise

For years, security leaders have treated artificial intelligence as an “emerging” technology, something to keep...

07
Oct
XWorm 6.0 Returns with 35+ Plugins and Enhanced Data Theft Capabilities

Cybersecurity researchers have charted the evolution of XWorm malware, turning it into a versatile tool...

07
Oct
13-Year Redis Flaw Exposed: CVSS 10.0 Vulnerability Lets Attackers Run Code Remotely

Redis has disclosed details of a maximum-severity security flaw in its in-memory database software that...

07
Oct
Microsoft Links Storm-1175 to GoAnywhere Exploit Deploying Medusa Ransomware

Microsoft on Monday attributed a threat actor it tracks as Storm-1175 to the exploitation of...

07
Oct
Oracle EBS Under Fire as Cl0p Exploits CVE-2025-61882 in Real-World Attacks

CrowdStrike on Monday said it’s attributing the exploitation of a recently disclosed security flaw in...

07
Oct
New Report Links Research Firms BIETA and CIII to China’s MSS Cyber Operations

A Chinese company named the Beijing Institute of Electronics Technology and Application (BIETA) has been...

06
Oct
The Power of Ego Suspension: My Go-To Social Engineering Technique

When most people think about “influence tactics” in cybersecurity, they imagine pushy persuasion, authority plays,...

06
Oct
⚡ Weekly Recap: Oracle 0-Day, BitLocker Bypass, VMScape, WhatsApp Worm & More

The cyber world never hits pause, and staying alert matters more than ever. Every week...

06
Oct
5 Critical Questions For Adopting an AI Security Solution

In the era of rapidly advancing artificial intelligence (AI) and cloud technologies, organizations are increasingly...

06
Oct
Chinese Cybercrime Group Runs Global SEO Fraud Ring Using Compromised IIS Servers

Cybersecurity researchers have shed light on a Chinese-speaking cybercrime group codenamed UAT-8099 that has been...

06
Oct
Zimbra Zero-Day Exploited to Target Brazilian Military via Malicious ICS Files

A now patched security vulnerability in Zimbra Collaboration was exploited as a zero-day earlier this...

06
Oct
Oracle Rushes Patch for CVE-2025-61882 After Cl0p Exploited It in Data Theft Attacks

Oracle has released an emergency update to address a critical security flaw in its E-Business...

06
Oct
CometJacking: One Click Can Turn Perplexity’s Comet AI Browser Into a Data Thief

Cybersecurity researchers have disclosed details of a new attack called CometJacking targeting Perplexity’s agentic AI...

04
Oct
Scanning Activity on Palo Alto Networks Portals Jump 500% in One Day

Threat intelligence firm GreyNoise disclosed on Friday that it has observed a spike in scanning...

04
Oct
Detour Dog Caught Running DNS-Powered Malware Factory for Strela Stealer

A threat actor named Detour Dog has been outed as powering campaigns distributing an information...

03
Oct
Rhadamanthys Stealer Evolves: Adds Device Fingerprinting, PNG Steganography Payloads

The threat actor behind Rhadamanthys has also advertised two other tools called Elysium Proxy Bot...

03
Oct
Researchers Warn of Self-Spreading WhatsApp Malware Named SORVEPOTEL

Brazilian users have emerged as the target of a new self-propagating malware that spreads via...

03
Oct
Product Walkthrough: How Passwork 7 Addresses Complexity of Enterprise Security

Passwork is positioned as an on-premises unified platform for both password and secrets management, aiming...

03
Oct
New “Cavalry Werewolf” Attack Hits Russian Agencies with FoalShell and StallionRAT

A threat actor that’s known to share overlaps with a hacking group called YoroTrooper has...

03
Oct
CISA Flags Meteobridge CVE-2025-4008 Flaw as Actively Exploited in the Wild

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a high-severity security flaw...

03
Oct
Confucius Hackers Hit Pakistan With New WooperStealer and Anondoor Malware

The threat actor known as Confucius has been attributed to a new phishing campaign that...

02
Oct
Alert: Malicious PyPI Package soopsocks Infects 2,653 Systems Before Takedown

Cybersecurity researchers have flagged a malicious package on the Python Package Index (PyPI) repository that...

02
Oct
Automating Pentest Delivery: 7 Key Workflows for Maximum Impact

Penetration testing is critical to uncovering real-world security weaknesses. With the shift into continuous testing...

02
Oct
ThreatsDay Bulletin: CarPlay Exploit, BYOVD Tactics, SQL C2 Attacks, iCloud Backdoor Demand & More

From unpatched cars to hijacked clouds, this week’s Threatsday headlines remind us of one thing...

02
Oct
Google Mandiant Probes New Oracle Extortion Wave Possibly Linked to Cl0p Ransomware

Google Mandiant and Google Threat Intelligence Group (GTIG) have disclosed that they are tracking a...

02
Oct
How to Close Threat Detection Gaps: Your SOC’s Action Plan

Running a SOC often feels like drowning in alerts. Every morning, dashboards light up with...

02
Oct
Warning: Beware of Android Spyware Disguised as Signal Encryption Plugin and ToTok Pro

Cybersecurity researchers have discovered two Android spyware campaigns dubbed ProSpy and ToSpy that impersonate apps...

02
Oct