A group dubbed “Dark Partners” by cybersecurity researchers has launched a sophisticated malware campaign targeting both macOS and Windows users through a network of deceptive […]
Category: Cyber Security News
Fullscreen BitM Attack Discovered by SquareX Exploits Browser Fullscreen APIs to Steal Credentials in Safari
Today, SquareX released new threat research on an advanced Browser-in-the-Middle (BitM) attack targeting Safari users. As highlighted by Mandiant, adversaries have been increasingly using BitM attacks to steal […]
New Microsoft Entra Connect Update Replaces Legacy Login Methods
Quantum computing is rapidly emerging as one of the most transformative technology trends of 2025, promising to revolutionize industries by solving complex problems that are […]
Even $5M a year can’t keep top CISOs happy
At least one lucky US CISO earned around $5 million last year, according to a new survey, but the reality is that the average compensation […]
New PumaBot Hijacks IoT Devices via SSH Brute-Force for Persistent Access
A sophisticated new malware, dubbed PumaBot, has emerged as a significant threat to Internet of Things (IoT) devices worldwide. Cybersecurity researchers have identified this malicious […]
Critical Argo CD Flaw Exposes Kubernetes Clusters to Full Resource Manipulation
A critical cross-site scripting (XSS) vulnerability, officially tracked as CVE-2025-47933 and GHSA-2hj5-g64g-fp6p, has been identified in Argo CD, a widely used open-source GitOps tool for […]
Hackers Exploit Cloudflare Tunnels to Launch Stealthy Cyberattacks
The cybersecurity landscape, malicious actors, including notorious ransomware groups like BlackSuit, Royal, Akira, Scattered Spider, Medusa, and Hunters International, have been exploiting Cloudflared, a legitimate […]
Microsoft Entra’s billing roles pose privilege escalation risks in Azure
Threat actors can abuse one of Microsoft Entra’s by-design features, the software giant’s cloud-based identity and access management service, to gain persistence and escalate privilege […]
UTG-Q-015 Hackers Launch Massive Brute-Force Attacks on Government Web Servers
The hacker group UTG-Q-015, first identified in December 2024 for mounting attacks on major websites like CSDN, has escalated its malicious activities, targeting government and […]
DragonForce Exploits SimpleHelp Flaws to Deploy Ransomware Across Customer Endpoints
The threat actors behind the DragonForce ransomware gained access to an unnamed Managed Service Provider’s (MSP) SimpleHelp remote monitoring and management (RMM) tool, and then […]