Fortra’s Suspicious Email Analysis (SEA) team uncovered a highly sophisticated phishing campaign targeting Microsoft Office 365 (O365) credentials. Unlike typical phishing attempts, this attack stood […]
Author: cyberbytes
Malicious Hackers Create Fake AI Tool to Exploit Millions of Users
A concerning development in the field of cybersecurity is the initiation of a sophisticated campaign by hostile actors posing as Kling AI, a well-known AI-powered […]
Cybercriminals Could Leverage Google Cloud Platform for Malicious Activities
A Research by Tenable and Cisco Talos has shed light on a critical vulnerability in Google Cloud Platform’s (GCP) Cloud Functions and Cloud Build services, […]
.png)
Atlassian Alerts Users to Multiple Critical Vulnerabilities Affecting Data Center Server
Atlassian has released its May 2025 Security Bulletin addressing eight high-severity vulnerabilities affecting multiple enterprise products in its Data Center and Server offerings. The vulnerabilities, […]
Ivanti EPMM 0-Day RCE Vulnerability Under Active Attack
Ivanti’s Endpoint Manager Mobile (EPMM) contains a critical vulnerability chain that has been actively abused. The vulnerabilities, initially disclosed by Ivanti on March 13th, 2025, […]
GitHub package limit put law firm in security bind
A $1 billion law firm last week learned a critical cybersecurity lesson: Even something as innocuous as the ceiling on the number of packages allowed […]
Over 100 Malicious Chrome Extensions Exploiting Users to Steal Login Credentials and Execute Remote Code
Cybersecurity researchers have uncovered a sprawling network of over 100 malicious Chrome extensions actively exploiting unsuspecting users. These extensions, masquerading as legitimate tools for productivity, […]
Google Chrome Can Now Auto-Change Compromised Passwords Using Its Built-In Manager
Google has announced a new feature in its Chrome browser that lets its built-in Password Manager automatically change a user’s password when it detects the […]
Poor DNS hygiene is leading to domain hijacking
Threat actors continue to find ways of hijacking domains thanks to poor DNS record-keeping and misconfigurations by administrators, a hole that CSOs have to plug […]
Threat intelligence platform buyer’s guide: Top vendors, selection advice
The bedrock of a solid enterprise security program begins with the choice of an appropriate threat intelligence platform (TIP) and how to use this to […]