The IPFire project has announced the release of version 2.29, Core Update 198, marking a significant milestone in the open-source firewall’s evolution. This update introduces […]
MuddyWater’s Phoenix Backdoor Infects More Than 100 Government Organizations
Advanced Persistent Threat (APT) MuddyWater has orchestrated a sophisticated phishing campaign targeting over 100 government entities across the Middle East, North Africa, and international organizations […]
Volvo’s recent security breach: 5 tips to speed incident response while preserving forensic integrity
In August 2025, Volvo Group North America disclosed that it had been impacted by a data breach originating in its third-party HR software provider, Miljödata. […]
FileFix + Cache Smuggling: A New Evasion Combo
Cybersecurity researchers have uncovered a sophisticated evolution in phishing attacks that combines FileFix social engineering with cache smuggling techniques to bypass modern security defenses. This […]
Active Directory at Risk Due to Domain-Join Account Misconfigurations
Active Directory domain join accounts are systematically exposing enterprise environments to compromise, even when administrators follow Microsoft’s official guidance. A comprehensive security analysis reveals that […]
Atlas browser exploit lets attackers hijack ChatGPT memory
Days after cybersecurity analysts warned enterprises against installing OpenAI’s new Atlas browser, researchers have discovered a vulnerability that allows attackers to infect systems with malicious […]
Copilot diagrams could leak corporate emails via indirect prompt injection
Microsoft has patched an indirect prompt injection flaw in Microsoft 365 Copilot that could have allowed attackers to steal sensitive data using clickable Mermaid diagrams. […]
Anivia Stealer Peddled on Dark Web with UAC Bypass
A newly advertised information-stealing malware called Anivia Stealer has surfaced on the dark web, with threat actor ZeroTrace aggressively promoting the C++17-based infostealer as a […]
Is Your Google Workspace as Secure as You Think it is?
The New Reality for Lean Security Teams If you’re the first security or IT hire at a fast-growing startup, you’ve likely inherited a mandate that’s […]
Zero-Click Exploit Targets MCP and Linked AI Agents to Stealthily Steal Data
Operant AI’s security research team has uncovered Shadow Escape, a dangerous zero-click attack that exploits the Model Context Protocol to steal sensitive data through AI […]