Category: Cyber Security News

Microsoft Threat Intelligence detected a large-scale malvertising campaign in early December 2024 that infected nearly one million devices globally in an opportunistic attack designed to steal information. The campaign impacted a wide range of organizations and industries, affecting both consumer…

Read more →

In a sophisticated business email compromise (BEC) attack recently uncovered by Trend Micro Managed XDR team, threat actors exploited a compromised third-party email server to conduct fraudulent financial transactions between business partners. The scheme, which unfolded over several days, involved…

Read more →

A recently disclosed vulnerability in the widely used Python JSON Logger library has exposed an estimated 43 million installations to potential remote code execution (RCE) attacks through a dependency chain flaw.  Tracked as GHSA-wmxh-pxcx-9w24 and scoring 8.8/10 on the CVSS…

Read more →

A significant leak of internal chat logs from the Black Basta ransomware group has provided cybersecurity researchers with unprecedented insight into their operations. A Telegram user named ExploitWhispers unveiled the leak contained approximately 200,000 chat messages dated between September 2023…

Read more →

Cybercriminals are advancing beyond rudimentary phishing attempts, adopting sophisticated social engineering strategies that build relationships with targets before delivering malicious payloads. ESET’s APT Activity Report shows that the North Korea-aligned threat actors have significantly refined their tactics, making traditional security…

Read more →

Lazarus Group hackers believed to be affiliated with North Korea’s regime have successfully laundered at least $300 million from their unprecedented $1.5 billion cryptocurrency heist targeting the ByBit exchange. The cybercriminals, identified as the infamous Lazarus Group, executed the attack…

Read more →

The identification of cyber attack patterns through infrastructure analysis has emerged as a crucial methodology in modern threat intelligence. By examining the digital footprints left by threat actors, security analysts can now reconstruct attack campaigns and attribute them to specific…

Read more →

Veriti has uncovered a concerning trend where cybercriminals are actively exploiting misconfigured cloud services to distribute malware and control compromised systems. Over 40% of networks allow “any/any” communication with at least one major cloud provider, creating significant security vulnerabilities for…

Read more →

A sophisticated cyber criminal operation known as “PrintSteal” has been discovered generating and distributing fraudulent Indian identity documents on a massive scale. This operation has established over 1,800 domains impersonating government websites, with approximately 600 currently active. The criminal network…

Read more →

Security researchers have uncovered an ongoing malicious campaign targeting the Go ecosystem with seven typosquatted packages designed to install hidden loader malware on Linux and macOS systems. The threat actor has published packages that impersonate widely used Go libraries, employing…

Read more →

Penetration testing companies specialize in evaluating the security of an organization’s IT infrastructure by simulating real-world cyberattacks. These companies use ethical hacking techniques to identify vulnerabilities in networks, applications, and systems before malicious hackers can exploit them. What Do Penetration…

Read more →

A proof-of-concept (PoC) exploit has been released for a high-severity out-of-bounds write vulnerability in the Linux kernel, identified as CVE-2024-53104. The vulnerability exists within the USB Video Class (UVC) driver and can lead to privilege escalation. The flaw stems from…

Read more →

A large-scale SMS phishing (smishing) campaign distributed via iMessage involving more than 10,000 domains registered by a threat actor was discovered recently. These domains are designed to impersonate toll services and package delivery platforms across multiple U.S. states and one…

Read more →

Recent Palo Alto research investigations have revealed the ongoing evolution of “click fix” style campaigns used to distribute the Lumma Stealer malware. These campaigns exploit user interaction by leveraging malicious scripts that are inserted into the copy-paste buffer, tricking victims…

Read more →

Physical penetration testing provides crucial insights into real-world security vulnerabilities that might be overlooked in purely digital assessments. A recent case study conducted by Hackmosphere for a furniture retailer, referred to as ExCorp, revealed how physical access to facilities could…

Read more →

Security researchers have uncovered a sophisticated malware campaign where threat actors are coercing popular YouTubers to distribute SilentCryptoMiner malware disguised as restriction bypass tools. This campaign has already affected more than 2,000 victims in Russia, with the actual number potentially…

Read more →

Security researchers at Positive Technologies have uncovered a sophisticated malware campaign dubbed “Desert Dexter” that has compromised more than 900 victims worldwide since September 2024. The attack, discovered in February 2025, primarily targets countries in the Middle East and North…

Read more →

Cybersecurity researchers at G DATA have uncovered a sophisticated malware campaign using fake CAPTCHA prompts to deliver LummaStealer, a dangerous information-stealing malware. This emerging threat, first discovered in January 2025, represents a new approach for LummaStealer distribution which previously spread…

Read more →

Tax season has become a high-stakes battleground for cybercriminals, who leverage advanced technologies like deepfake audio and AI-generated phishing campaigns to steal over $10,000 from unsuspecting victims.  According to a 2025 McAfee survey, 10% of tax scam losses exceeded $10,000,…

Read more →

The Tails Project announced the release of Tails 6.13 on March 6, 2025, marking a significant update to its privacy-centric Linux distribution.  This iteration introduces improved diagnostics for Wi-Fi hardware compatibility, updates to the Tor Browser and client, and critical…

Read more →

Advanced threat actors increasingly leverage x86-64 binaries and Apple’s Rosetta 2 translation technology to bypass execution policies and deploy malware on Apple Silicon devices. The technique exploits architectural differences between Intel and ARM64 processors while leaving behind forensic artifacts that…

Read more →

YouTube has issued an urgent alert to content creators regarding a highly sophisticated phishing campaign exploiting AI-generated deepfake technology to hijack accounts.  The attack, first detected in late February 2025, uses fabricated videos of YouTube CEO Neal Mohan to deceive…

Read more →

Jenkins, the widely adopted open-source automation server central to CI/CD pipelines, has disclosed four critical security vulnerabilities enabling unauthorized secret disclosure, cross-site request forgery (CSRF), and open redirect attacks.  These flaws, patched in versions 2.500 (weekly) and 2.492.2 (LTS), affect…

Read more →

A series of critical vulnerabilities in DrayTek Vigor routers widely deployed in small office/home office (SOHO) environments have been uncovered, exposing devices to remote code execution (RCE), denial-of-service (DoS) attacks, and credential theft.  The flaws discovered during firmware reverse-engineering efforts…

Read more →

A sophisticated cyber espionage campaign dubbed “Operation Sea Elephant” has been discovered targeting scientific research organizations, with a particular focus on ocean-related studies. The operation, attributed to a threat actor group known as CNC with South Asian origins, aims to…

Read more →

Security researchers have uncovered a critical vulnerability in AMD Zen CPUs that allows attackers with elevated privileges to load malicious microcode patches, bypassing cryptographic signature checks. Dubbed “EntrySign,” this flaw stems from AMD’s use of the AES-CMAC algorithm as a…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical warning regarding a severe vulnerability in the Edimax IC-7100 IP Camera. This vulnerability, CVE-2025-1316, allows attackers to execute remote code on the device by sending specially crafted requests, exploiting…

Read more →

Cybersecurity research firm NISOS has uncovered a network of suspected North Korean IT workers who are leveraging GitHub to create elaborate fake personas aimed at securing employment with companies in Japan and the United States. These individuals pose as Vietnamese,…

Read more →

GitHub has unveiled groundbreaking applications of its AI-powered coding assistant, Copilot, specifically tailored for security professionals analyzing system logs and operational data.  The tool now demonstrates unprecedented capabilities in parsing security event information, identifying anomalies, and accelerating incident response workflows…

Read more →

Microsoft’s Remote Desktop Protocol (RDP) has introduced a lesser-known but critical security feature colloquially referred to as “incognito mode” through its /public command-line parameter.  This functionality, formally called public mode, prevents the client from storing sensitive session artifacts—a development with…

Read more →

The Federal Bureau of Investigation (FBI) has issued an urgent alert regarding a sophisticated email-based extortion campaign targeting corporate executives, wherein threat actors impersonate the notorious BianLian ransomware group.  The scam, first identified in early March 2025, involves physical letters…

Read more →

A critical security vulnerability in Apache Pinot designated CVE-2024-56325, has been disclosed. It allows unauthenticated, remote attackers to bypass authentication mechanisms and gain unauthorized access to sensitive systems.  Researchers from the Knownsec 404 Team discovered the flaw and disclosed it…

Read more →

Microsoft has announced the immediate availability of Microsoft 365 E5 Security as a cost-effective add-on for Business Premium subscribers, marking a strategic expansion of enterprise-grade cybersecurity tools for small and medium businesses (SMBs).  The release introduces enhanced threat detection, identity…

Read more →

A newly identified vulnerability in the Cisco Secure Client for Windows could allow attackers to execute arbitrary code with SYSTEM privileges. The vulnerability lies within the interprocess communication (IPC) channel and can be exploited by an authenticated, local attacker to…

Read more →

Network traffic analysis has emerged as one of the most effective methods for detecting and investigating linux based malware infections . By scrutinizing communication patterns, security professionals can uncover signs of malicious activity, including command-and-control (C2) connections, data exfiltration, and…

Read more →

Cybersecurity researchers have uncovered a sophisticated campaign targeting the Albion Online gaming community through impersonation of the Electronic Frontier Foundation (EFF). The operation, discovered in early March 2025, leverages decoy documents designed to appear as official EFF communications while deploying…

Read more →

Network traffic analysis has emerged as one of the most effective methods for detecting and investigating linux based malware infections . By scrutinizing communication patterns, security professionals can uncover signs of malicious activity, including command-and-control (C2) connections, data exfiltration, and…

Read more →

A critical security oversight in widely used Apache Airflow instances has exposed credentials for platforms like AWS, Slack, PayPal, and other services, leaving organizations vulnerable to data breaches and supply chain attacks.  Researchers at Intezer discovered thousands of unprotected instances…

Read more →

A newly disclosed critical vulnerability in Sitecore Experience Platform (CVE-2025-27218) allows unauthenticated attackers to execute arbitrary code on unpatched systems.  The flaw, rooted in insecure deserialization practices, affects Sitecore Experience Manager (XM) and Experience Platform (XP) versions 8.2 through 10.4…

Read more →

Security researchers at SEC Consult have discovered a significant vulnerability in CrowdStrike’s Falcon Sensor that allowed attackers to bypass detection mechanisms and execute malicious applications. This vulnerability, dubbed “Sleeping Beauty,” was initially reported to CrowdStrike in late 2023 but was…

Read more →

Federal prosecutors unsealed criminal complaints today against David Jose Gomez Cegarra, 24, and Jesus Segundo Hernandez-Gil, 19, members of the Tren de Aragua Gang, for allegedly orchestrating a coordinated ATM “jackpotting” campaign across four U.S. states.  The defendants face charges…

Read more →

A critical Insecure Direct Object Reference (IDOR) vulnerability chain in ZITADEL’s administration interface (CVE-2025-27507) has exposed organizations to systemic risks of account takeover and configuration tampering.  Rated 9.0/10 on the CVSS v3.1 scale, these flaws enable authenticated low-privilege users to…

Read more →

In its latest Android security update, Google has unveiled a dual-layer defense system combining AI-powered scam detection for both text messages and voice calls.  The new features, powered by Gemini Nano AI models operating entirely on-device, aim to combat the…

Read more →

A critical security vulnerability in LibreOffice tracked as CVE-2025-1080, has exposed millions of users to potential remote code execution attacks through manipulated macro URLs.  Patched in versions 24.8.5 and 25.2.1 released on March 4, 2025, this flaw allowed attackers to…

Read more →

Elastic has issued an urgent security advisory for a critical vulnerability in Kibana, tracked as CVE-2025-25012, that allows authenticated attackers to execute arbitrary code on affected systems.  The flaw, rated 9.9 on the CVSS v3.1 scale, stems from a prototype…

Read more →

Google collects and stores significant amounts of user data on Android devices, even when users haven’t opened any Google apps. The study by Professor D.J. Leith from Trinity College Dublin, documents for the first time how pre-installed Google apps silently…

Read more →

A sophisticated Android banking trojan campaign leveraging a malicious file manager application accumulated over 220,000 downloads on the Google Play Store before its removal.  Dubbed Anatsa (also known as TeaBot), the malware targets global financial institutions through a multi-stage infection…

Read more →

A new ransomware group, SecP0, has emerged on the cybercrime landscape, adopting a novel and deeply concerning tactic: demanding ransom payments not for encrypted data, but for undisclosed software vulnerabilities.  This shift in strategy represents a significant evolution in ransomware…

Read more →

In a sophisticated cybercrime operation targeting high-demand events, two individuals were arrested this week for allegedly orchestrating a $600,000 ticket theft scheme involving Taylor Swift’s Eras Tour and other major concerts.  Queens District Attorney Melinda Katz revealed that Tyrone Rose,…

Read more →

In a landmark development for cybersecurity infrastructure, Google’s Mandiant subsidiary has unveiled GoStringUngarbler – an open-source deobfuscation framework designed to neutralize advanced string encryption techniques in Go-based malware.  This innovation specifically targets binaries obfuscated using garble, an increasingly prevalent obfuscation…

Read more →

Patch management tools are essential for maintaining the security and efficiency of IT systems in 2025. These tools automate the process of identifying, testing, and deploying software updates and security patches across various operating systems and applications. Top contenders in…

Read more →

Cybersecurity has transformed from a niche technical field into a critical business priority that shapes organizational strategies worldwide. As we navigate through 2025, the cybersecurity industry continues to expand in response to increasingly sophisticated threats, digital transformation initiatives, and regulatory requirements. The global cybersecurity market is…

Read more →

The U.S. Department of Justice (DOJ) unsealed indictments today against 12 Chinese nationals linked to state-sponsored cyber espionage campaigns targeting the U.S. Treasury Department, religious organizations, media outlets, and critical infrastructure.  The charges reveal an extensive, decade-long operation leveraging advanced…

Read more →

Researchers uncovered one of the most technically sophisticated attacks in cryptocurrency history, exploiting Bybit’s Ethereum hot wallet infrastructure through a malicious proxy contract upgrade.  The breach, attributed to North Korea’s Lazarus Group via blockchain fingerprinting, resulted in the theft of…

Read more →

Shadowserver observed that 41,500+ internet-exposed VMware ESXi hypervisors as of March 4, 2025, are vulnerable to CVE-2025-22224, a critical zero-day vulnerability actively exploited in attacks. Broadcom patched the vulnerability in an emergency update. It enables attackers with local administrative access…

Read more →

HUMAN Security’s Satori Threat Intelligence team has uncovered a sophisticated malware operation dubbed “BADBOX 2.0” that compromised over 50,000 Android devices using 24 deceptive applications. This operation represents a major expansion of the original BADBOX campaign first identified in 2023,…

Read more →

Microsoft has recently published comprehensive guidance for developers working with Virtualization-Based Security (VBS) enclaves, highlighting critical security measures to strengthen the trust boundary between different virtual trust levels. The guidance by the Microsoft Security team, addresses fundamental security challenges that…

Read more →

Microsoft Threat Intelligence has identified a significant shift in tactics by Silk Typhoon, a Chinese state-sponsored espionage group that has begun targeting common IT solutions including remote management tools and cloud applications to gain initial access to organizational networks. This…

Read more →

Security researchers at Proofpoint have uncovered a sophisticated cyber espionage campaign targeting aviation and satellite communications organizations in the United Arab Emirates. The campaign, attributed to a threat actor tracked as UNK_CraftyCamel, leveraged a compromised Indian electronics company to deliver…

Read more →

A newly disclosed vulnerability in Cisco Webex for BroadWorks Release 45.2 enables remote attackers to intercept sensitive credentials and user data when Session Initiation Protocol (SIP) communications lack encryption. This vulnerability, rated as low severity but with significant operational implications,…

Read more →

A critical security flaw in the GiveWP Donation Plugin tracked as CVE-2025-0912, has exposed over 100,000 WordPress websites to unauthenticated remote code execution (RCE) attacks.  The vulnerability, scoring a maximum CVSS 9.8 (Critical) severity rating, originates from improper handling of…

Read more →

The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) announced sweeping sanctions today against Behrouz Parsarad, an Iran-based cybercriminal identified as the sole administrator of the Nemesis darknet marketplace.  This move marks OFAC’s first recognition as a…

Read more →

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an urgent alert on March 4, 2025, adding three critical VMware vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog following confirmed in-the-wild exploitation. The vulnerabilities CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226 allow attackers…

Read more →

Microsoft has announced plans to enhance security measures by removing the Data Encryption Standard (DES) encryption algorithm from Kerberos authentication in upcoming Windows releases. This security change will affect Windows Server 2025 and Windows 11 version 24H2 computers after they…

Read more →

The Vim text editor vulnerability CVE-2025-27423 is a high-severity issue that allows for arbitrary code execution via malicious TAR archives. Affecting Vim versions prior to 9.1.1164, this flaw in the bundled tar.vim plugin exposes users to potential command injection attacks…

Read more →

A critical evolution of the CVE-2024-7014 vulnerability, originally patched in July 2024, has resurfaced with updated tactics to bypass security measures.  Dubbed Evilloader, this new exploit leverages Telegram’s multimedia handling mechanisms to execute malicious JavaScript code by disguising .htm files…

Read more →

NVIDIA has issued urgent security advisories addressing multiple vulnerabilities in its Hopper HGX 8-GPU High-Performance Computing (HMC) platforms, including a high-severity flaw (CVE-2024-0114, CVSS 8.1) that permits unauthorized code execution, privilege escalation, and systemic data compromise.  A secondary medium-severity vulnerability…

Read more →

Zoho has patched a high-severity vulnerability (CVE-2025-1723) in its ADSelfService Plus software, a widely used self-service password management and single sign-on solution.  The flaw, discovered in builds 6510 and earlier, could enable attackers to bypass authentication safeguards and access sensitive…

Read more →

A newly disclosed vulnerability in Hewlett Packard Enterprise’s (HPE) Insight Remote Support tool enables unauthenticated attackers to execute arbitrary code on vulnerable systems, with proof-of-concept (PoC) exploit code now publicly available.  Tracked as CVE-2024-53676, this critical remote code execution (RCE)…

Read more →

A sophisticated malware campaign named “GrassCall” was detected that specifically targets job seekers through deceptive tactics. The campaign, attributed to the threat group known as Crazy Evil, has been actively exploiting job hunters’ vulnerability by luring them with fake employment…

Read more →

A security researcher known as “Seeker” has published an in-depth analysis of advanced obfuscation techniques employed by APT28, a threat actor known for sophisticated cyber espionage operations. The report provides a comprehensive examination of a heavily obfuscated HTA Trojan used…

Read more →

Google has rolled out Chrome 134 to the stable channel, delivering critical security updates that resolve 14 vulnerabilities, including high-severity flaws that could enable browser crashes, data leaks, or arbitrary code execution.  The update (versions 134.0.6998.35 for Linux, 134.0.6998.35/36 for…

Read more →

A new report published recently, details how red team operators can use SpecterInsight 4.2.0 to successfully bypass Windows Defender and other antivirus solutions. The technique allows threat actors to evade detection while loading malicious .NET payloads into memory, presenting significant…

Read more →

Security researchers have uncovered a significant remote code execution vulnerability in Microsoft’s Windows Key Distribution Center (KDC) Proxy that could potentially allow attackers to gain complete control over affected servers. The vulnerability, tracked as CVE-2024-43639, stems from an integer overflow…

Read more →

Dutch IT security consultancy Modat has uncovered alarming security vulnerabilities in approximately 49,000 access management systems (AMS) deployed worldwide. These systems, designed to control building access through authentication methods like passwords, biometrics, and multi-factor authentication, have been found to contain…

Read more →

Stegoсampaign, a complex attack that leverages phishing, a multi-functional RAT, а loader, and malicious scripts, got a new twist. ANY.RUN’s malware analysts discovered a Stegocampaign variant that uses a Windows registry file to add a malicious script to Autorun. While…

Read more →

New research reveals that threat actors are exploiting exposed cloud credentials to hijack enterprise AI systems within minutes of credential leakage. Recent incidents have demonstrated that attackers can compromise large language model (LLM) infrastructure in under 19 minutes.  Dubbed LLMjacking,…

Read more →

The exponential growth of government data requests to technology giants has transformed Silicon Valley into the backbone of modern surveillance infrastructure. Between 2014 and 2024, Apple, Google, and Meta collectively disclosed data from 3.16 million user accounts to U.S. authorities,…

Read more →

U.S. law enforcement announced the recovery of $31 million in cryptocurrency tied to the 2021 Uranium Finance exploit, marking one of the largest DeFi-related asset seizures.  The operation, spearheaded by the Southern District of New York (SDNY) and Homeland Security…

Read more →

Indian multinational tech giant Tata Technologies, a subsidiary of Tata Motors, is in the spotlight following allegations by ransomware group Hunters International of a major data breach.  According to Huntress Group, the claim resulted in the theft of 1.4 TB…

Read more →

VMware has issued a critical security advisory (VMSA-2025-0004) warning of active exploitation of three vulnerabilities in its ESXi, Workstation, and Fusion products. These flaws, CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226, allow attackers to execute malicious code, escalate privileges, and leak sensitive memory…

Read more →

A newly identified variant of the Android Remote Access Tool (RAT), AndroRAT, has emerged as a critical cybersecurity threat, leveraging sophisticated techniques to steal device unlock patterns, PINs, and passcodes.  The malware, first documented in 2012 as an open-source university…

Read more →

A critical information disclosure vulnerability in Docusnap, a widely used IT inventory management solution, allows attackers to decrypt sensitive system data collected from Windows hosts.  Designated as CVE-2025-26849, the flaw stems from the use of a static encryption key to…

Read more →

Researchers from Splunk have identified a sophisticated malware campaign targeting over 4,000 Internet Service Providers (ISPs) primarily located on the West Coast of the United States and in China. The campaign, which originated from Eastern Europe, uses a combination of…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an advisory regarding CVE-2018-8639, a privilege escalation vulnerability in the Microsoft Windows Win32k component, which threat actors are actively exploiting to execute arbitrary code in kernel mode.  Added to CISA’s Known…

Read more →

A staggering 33.3 million attacks involving malware, adware, and unwanted mobile software were prevented throughout 2024. This alarming figure translates to an average of 2.8 million attempted attacks per month, highlighting the persistent and evolving threat landscape facing mobile device…

Read more →

IBM has issued urgent security advisories for two high-severity vulnerabilities (CVE-2025-0159, CVE-2025-0160) affecting its Storage Virtualize product suite, including SAN Volume Controller, Storwize, and FlashSystem families.  These flaws enable attackers to bypass authentication and execute arbitrary code remotely via the…

Read more →

A critical zero-day vulnerability in BigAntSoft’s BigAnt Server (CVE-2025-0364) allows unauthenticated attackers to execute arbitrary code on affected systems through a chain of SaaS registration abuses and PHP file uploads.  The flaw, discovered by VulnCheck researchers during an analysis of…

Read more →

Several sophisticated multi-stage malware campaigns were revealed by recent findings from Palo Alto Networks’ Unit 42 have employing advanced encryption techniques to evade detection. Threat actors are increasingly using the Advanced Encryption Standard (AES) in combination with code virtualization to…

Read more →

Google has issued an urgent security alert for CVE-2024-43093 and CVE-2024-50302, two critical Android vulnerabilities actively exploited in coordinated attacks targeting devices running Android 12 through 15.  Patched in the March 2025 Android Security Bulletin (security patch level 2025-03-05), these…

Read more →

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an urgent advisory, warning that a critical command injection vulnerability in Cisco Small Business RV Series Routers tracked as CVE-2023-20118 is being actively exploited in the wild.  The flaw, which carries…

Read more →

Five critical memory vulnerabilities in Paragon Partition Manager’s BioNTdrv.sys driver have been discovered, allowing attackers to escalate privileges and cause denial-of-service conditions on affected systems. The vulnerabilities, identified in versions prior to 2.0.0, were officially disclosed on February 28, 2025,…

Read more →

Cybersecurity experts have recently observed a concerning trend in attack methodologies, with threat actors increasingly leveraging fileless techniques that weaponize PowerShell and legitimate Microsoft applications to deploy malware while evading detection. These sophisticated attacks operate primarily in memory, leaving minimal…

Read more →

A sophisticated phishing campaign in which threat actors are utilizing a multi-stage attack chain that combines social engineering tactics with modified open-source tools to compromise Windows systems. The campaign, active as of March 2025, employs the ClickFix technique to deceive…

Read more →

Google is advancing its email privacy arsenal with the development of Shielded Email, a feature designed to generate disposable email aliases for users signing up for apps and services.  First uncovered in a Google Play Services v24.45.33 APK teardown by…

Read more →

The United States has paused offensive cyber operations against Russia under an order from Defense Secretary Pete Hegseth, causing debates over geopolitical strategy and domestic cybersecurity priorities.  While U.S. Cyber Command—a Unified Combatant Command overseeing military cyber operations—adheres to the…

Read more →

The cybersecurity landscape of 2024 witnessed an unprecedented increase in mass internet exploitation, driven by attackers’ ability to automate vulnerability exploits within hours of disclosure.  GreyNoise’s 2025 Mass Internet Exploitation Report reveals a systematic industrialization of cyberattacks, with threat actors…

Read more →

Security researchers have uncovered three critical vulnerabilities in Extreme Networks’ IQ Engine (HiveOS) that collectively enable authenticated attackers to escalate privileges, decrypt passwords, and execute arbitrary commands on affected systems.  The flaws—tracked as CVE-2025-27229, CVE-2025-27228, and CVE-2025-27227—were disclosed through coordinated…

Read more →

Cybersecurity firm Silent Push have confirmed recently that North Korean IT workers continue to utilize Astrill VPN services to hide their true IP addresses when seeking employment with international companies. This finding, originally reported by Google’s Mandiant in September 2024,…

Read more →

Unit 42, the threat intelligence team at Palo Alto Networks, has identified a sophisticated threat actor group named JavaGhost that has evolved from website defacement to executing persistent phishing campaigns using compromised AWS environments. The group, active since at least…

Read more →