Cybersecurity researchers have shed light on a cybercriminal group called Jingle Thief that has been observed targeting cloud environments associated with organizations in the retail […]
SideWinder Leverages ClickOnce Installer to Deliver StealerBot Malware
The notorious SideWinder advanced persistent threat (APT) group has evolved its cyber espionage tactics with a sophisticated new attack method, combining PDF lures with ClickOnce […]
Mideast, African Hackers Target Gov’ts, Banks, Small Retailers
In the hotly political Middle East, you’d expect hacktivism and disruption of services. But retail attacks? The original article found on darkreading Read More
Critical Argument Injection Flaw in AI Agents Enables Remote Code Execution
AI-powered agents are increasingly relied upon to execute tasks like code analysis, file management, and automating workflows. However, a newly highlighted vulnerability argument injection shows […]
PhantomCaptcha RAT Uses Weaponized PDFs and “ClickFix” Cloudflare CAPTCHA Pages to Deliver Malware
A sophisticated spearphishing campaign has targeted humanitarian organizations working on Ukrainian war relief efforts, employing weaponized PDFs and fake Cloudflare captcha pages to deploy a […]
New Malware Toolkit from MuddyWater Delivers Phoenix Backdoor to Global Targets
Group-IB Threat Intelligence has uncovered a sophisticated phishing campaign orchestrated by the Iran-linked Advanced Persistent Threat group MuddyWater, targeting international organizations worldwide to gather foreign […]
TARmageddon Security Flaw in Rust Library Could Lead to Config Tampering and RCE
The Edera security team has discovered a critical vulnerability in the async-tar Rust library and its descendants, including the widely-used tokio-tar. Dubbed TARmageddon and assigned CVE-2025-62518, this […]
Cyberangriff auf Jaguar ist teuerster in britischer Geschichte
Der Hackerangriff auf den Autobauer Jaguar Land Rover hat die britische Regierung viel Geld gekostet. GAlexS – shutterstock.com Der Cyberangriff auf den britischen Autobauer Jaguar […]
BIND 9 Vulnerabilities Expose DNS Servers to Cache Poisoning and DoS
The Internet Systems Consortium (ISC) has disclosed three critical vulnerabilities in BIND 9, the most widely deployed DNS software globally. All three vulnerabilities were publicly […]
Why must CISOs slay a cyber dragon to earn business respect?
How CISOs respond to a major security incident can be a make-or-break moment for their career. Although one in four security leaders find themselves replaced […]