LayerX, a cybersecurity firm, has uncovered a sophisticated network of malicious browser extensions, dubbed “sleeper agents,” that are currently installed on nearly 1.5 million devices […]
Category: Cyber Security News
Aembit Recognized on the 2025 Rising in Cyber List of Top Cybersecurity Startups
Aembit, the workload identity and access management (IAM) company, today announced its inclusion in Rising in Cyber 2025, an independent list launched by Notable Capital to […]
_Andrea_Danti_Alamy.jpg?width=1280&auto=webp&quality=80&disable=upscale)
Beware of Device Code Phishing
Hackers are exploiting trusted authentication flows — like Microsoft Teams and IoT logins — to trick users into handing over access tokens, bypassing MFA and […]
Windows Authentication Coercion Attacks Present Major Risks to Enterprise Networks
Authentication coercion remains a potent attack vector in Windows environments, enabling attackers with even low-privileged domain accounts to force targeted systems, often high-value servers or […]
Your SaaS Data Isn’t Safe: Why Traditional DLP Solutions Fail in the Browser Era
Traditional data leakage prevention (DLP) tools aren’t keeping pace with the realities of how modern businesses use SaaS applications. Companies today rely heavily on SaaS […]
35,000 Internet-Connected Solar Power Systems Vulnerable to Cyberattacks
Forescout Research Vedere Labs has uncovered that nearly 35,000 solar power devices, including inverters, data loggers, and gateways from 42 vendors, are exposed on the […]
APT37 Hackers Fake Academic Forum Invites to Deliver Malicious LNK Files via Dropbox Platform
The North Korean state-sponsored hacking group APT37 has launched a sophisticated spear phishing campaign in March 2025, targeting activists focused on North Korean issues. Disguised […]
Malicious PyPI, npm, and Ruby Packages Exposed in Ongoing Open-Source Supply Chain Attacks
Several malicious packages have been uncovered across the npm, Python, and Ruby package repositories that drain funds from cryptocurrency wallets, erase entire codebases after installation, […]
New Malware Attack Uses Malicious Chrome & Edge Extensions to Steal Sensitive Data
Cybersecurity experts from Positive Technologies’ Security Expert Center have uncovered a sophisticated malicious campaign dubbed “Phantom Enigma,” primarily targeting Brazilian residents while also affecting organizations […]
IBM QRadar Vulnerabilities Expose Sensitive Configuration Files to Attackers
IBM has issued a security bulletin highlighting multiple vulnerabilities in its QRadar Suite Software and Cloud Pak for Security platforms. The flaws, which range from […]