New vulnerabilities in Windows Task Scheduler’s schtasks.exe let attackers bypass UAC, alter metadata, modify event logs, and evade detection. These actions map to MITRE ATT&CK […]
5 Major Concerns With Employees Using The Browser
As SaaS and cloud-native work reshape the enterprise, the web…
Phishers Exploit Google Sites and DKIM Replay to Send Signed Emails, Steal Credentials
In what has been described as an "extremely sophisticated phishing…
New Rust-Based Botnet Hijacks Routers to Inject Remote Commands
A new malware named “RustoBot” has been discovered exploiting vulnerabilities…
Latest Lumma InfoStealer Variant Found Using Code Flow Obfuscation
Researchers have uncovered a sophisticated new variant of the notorious…
Magecart Launches New Attack Using Malicious JavaScript to Steal Credit Card Data
The notorious Magecart group has been identified by the Yarix…
Chinese Smishing Kit Powers Widespread Toll Fraud Campaign Targeting U.S. Users in 8 States
Cybersecurity researchers are warning of a "widespread and ongoing" SMS phishing campaign that's been targeting toll road users in the United States for financial theft since mid-October 2024. "The toll road smishing attacks are being carried out by multiple financially motivated threat actors using the smishing kit developed by 'Wang Duo Yu,'" Cisco Talos researchers Azim Khodjibaev, Chetan The original article found on The Hacker News Read More
Phishers Exploit Google Sites and DKIM Replay to Send Signed Emails, Steal Credentials
In what has been described as an "extremely sophisticated phishing…
5 Major Concerns With Employees Using The Browser
As SaaS and cloud-native work reshape the enterprise, the web…
FBI Alerts Public to Scammers Posing as IC3 Officials in Fraud Scheme
The Federal Bureau of Investigation (FBI) has issued a warning…
Japan Sounds Alarm Over Hackers Draining Millions from Compromised Trading Accounts
Cybersecurity in Japan has hit a new low as the…
Magecart Launches New Attack Using Malicious JavaScript to Steal Credit Card Data
The notorious Magecart group has been identified by the Yarix…
The Future of Cybersecurity Talent – Trends and Opportunities
The cybersecurity landscape is transforming rapidly, driven by evolving threats,…
Hot Button Facebook Ads Tag Middle East, N. Africa Victims
A Libya-linked threat actor has resurfaced, using the same old…
Beware Developers! Malicious NPM Packages Targeting PayPal Users to Steal Sensitive Data
FortiGuard Labs, Fortinet’s AI-driven threat intelligence arm, has uncovered a…
Chinese Hacker Group Tracked Back to iSoon APT Operation
The group, called FishMonger or Aquatic Panda, is working under…
Why Security Leaders Are Opting for Consulting Gigs
Many CISOs are weighing the benefits of going virtual as…
CISA Extend Funding to MITRE to Keep CVE Program Running
The Cybersecurity and Infrastructure Security Agency (CISA) has extended funding to the MITRE Corporation, ensuring the continued operation of the Common Vulnerabilities and Exposures (CVE) […]
Experts Uncover Four New Privilege Escalation Flaws in Windows Task Scheduler
Cybersecurity researchers have detailed four different vulnerabilities in a core component of the Windows task scheduling service that could be exploited by local attackers to […]
Server-Side Phishing Attacks Target Employee and Member Portals to Steal Login Credentials
Attackers have been deploying server-side phishing schemes to compromise employee and member login portals across various enterprises. This strategic shift to server-side operations is designed […]
Windows NTLM Vulnerability (CVE-2025-24054) Actively Exploit in the Wild to Hack Systems
A critical vulnerability in Microsoft Windows, identified as CVE-2025-24054, has been actively exploited in the wild since March 19, 2025, targets organizations worldwide. The flaw, […]
Cloud, Cryptography Flaws in Mobile Apps Leak Enterprise Data
Cloud misconfigurations and cryptography flaws plague some of the top apps used in work environments, exposing organizations to risk and intrusion. The original article found […]
Hackers Target Investors Through Fraud Networks to Steal Financial Data
Hackers have launched sophisticated schemes designed to defraud investors and steal their financial data. Utilizing digital platforms, encrypted messaging apps, and crypto transactions, these criminals […]
Patch Now: NVDIA Flaws Expose AI Models, Critical Infrastructure
A fix for a critical flaw in a tool allowing organizations to run GPU-accelerated containers released last year did not fully mitigate the issue, spurring […]
CISA Extends Support a Last Minute to CVE Program, Averting Global Cybersecurity Crisis
CISA announced an eleventh-hour contract extension with MITRE Corporation to maintain the Common Vulnerabilities and Exposures (CVE) program, narrowly avoiding a lapse in federal funding […]
Researchers Expose Medusa Ransomware Group’s Onion Site
Researchers have successfully infiltrated the digital fortress of one of the most prolific ransomware groups, Medusa Locker. Known for targeting critical sectors like healthcare, education, […]