Verizon Business’s 2025 Data Breach Investigations Report (DBIR), released on April 24, 2025, paints a stark picture of the cybersecurity landscape, drawing from an analysis […]
Author: cyberbytes
Weaponized SVG Files Used by Threat Actors to Redirect Users to Malicious Sites
Cybercriminals are increasingly weaponizing Scalable Vector Graphics (SVG) files to orchestrate sophisticated phishing campaigns. According to research from Intezer, a cybersecurity firm that triages millions […]
Hackers Exploit Ivanti Connect Secure 0-Day to Deploy DslogdRAT and Web Shell
Threat actors exploited a zero-day vulnerability in Ivanti Connect Secure, identified as CVE-2025-0282, to deploy malicious tools including a web shell and a sophisticated remote […]
FBI: Cybercrime Losses Rocket to $16.6B in 2024
The losses are 33% higher than the year before, with phishing leading the way as the most-reported cybercrime last year, and ransomware was the top […]
New Steganography Campaign Exploits MS Office Vulnerability to Distribute AsyncRAT
A recently uncovered cyberattack campaign has brought steganography back into the spotlight, showcasing the creative and insidious methods attackers employ to deliver malware. This operation, […]
Threat Actors Exploiting Unsecured Kubernetes Clusters for Crypto Mining
In a startling revelation from Microsoft Threat Intelligence, threat actors are increasingly targeting unsecured Kubernetes clusters to conduct illicit activities such as cryptomining. The dynamic […]
ToyMaker Hackers Compromise Numerous Hosts via SSH and File Transfer Tools
In a alarming cybersecurity breach uncovered by Cisco Talos in 2023, a critical infrastructure enterprise fell victim to a meticulously orchestrated attack involving multiple threat […]
_NicoElNino_Alamy.png?width=1280&auto=webp&quality=80&disable=upscale)
Navigating Regulatory Shifts & AI Risks
By proactively embracing emerging trends around encryption, AI security, and platform consolidation, organizations can turn compliance burdens into competitive advantage. ​The original article found on […]
Lazarus Hits 6 South Korean Firms via Cross EX, Innorix Zero-Day and ThreatNeedle Malware
At least six organizations in South Korea have been targeted by the prolific North Korea-linked Lazarus Group as part of a campaign dubbed Operation SyncHole. […]
GitHub secrets: Deleted files still pose risks
Deleted files within public GitHub repositories could still be exposing secrets like API keys, tokens, and credentials, if threat actors knew where and how to […]