SquareX researchers Jeswin Mathai and Audrey Adeline will be disclosing a new class of data exfiltration techniques at BSides San Francisco 2025. Titled “Data Splicing Attacks: Breaking Enterprise DLP from the […]
TP-Link Router Vulnerabilities Allow Attackers to Execute Malicious SQL Commands
Cybersecurity researchers have uncovered critical SQL injection vulnerabilities in four…
Faster Vulnerability Patching Reduces Risk and Lowers Cyber Risk Index
Trend Micro’s Cyber Risk Exposure Management (CREM) solution has highlighted…
Malicious npm Packages Target Linux Developers with SSH Backdoor Attacks
In a sophisticated onslaught targeting the open-source ecosystem, reports have…
Samsung One UI Vulnerability Leaks Sensitive Data in Plain Text With No Expiration!
A glaring vulnerability has come to light within Samsung’s One…
5 Major Concerns With Employees Using The Browser
As SaaS and cloud-native work reshape the enterprise, the web…
Chinese Smishing Kit Powers Widespread Toll Fraud Campaign Targeting U.S. Users in 8 States
Cybersecurity researchers are warning of a "widespread and ongoing" SMS phishing campaign that's been targeting toll road users in the United States for financial theft since mid-October 2024. "The toll road smishing attacks are being carried out by multiple financially motivated threat actors using the smishing kit developed by 'Wang Duo Yu,'" Cisco Talos researchers Azim Khodjibaev, Chetan The original article found on The Hacker News Read More
Faster Vulnerability Patching Reduces Risk and Lowers Cyber Risk Index
Trend Micro’s Cyber Risk Exposure Management (CREM) solution has highlighted…
TP-Link Router Vulnerabilities Allow Attackers to Execute Malicious SQL Commands
Cybersecurity researchers have uncovered critical SQL injection vulnerabilities in four…
Samsung One UI Vulnerability Leaks Sensitive Data in Plain Text With No Expiration!
A glaring vulnerability has come to light within Samsung’s One…
Malicious npm Packages Target Linux Developers with SSH Backdoor Attacks
In a sophisticated onslaught targeting the open-source ecosystem, reports have…
Phishers Exploit Google Sites and DKIM Replay to Send Signed Emails, Steal Credentials
In what has been described as an "extremely sophisticated phishing…
INTERPOL Arrests 306 Suspects, Seizes 1,842 Devices in Cross-Border Cybercrime Bust
Law enforcement authorities in seven African countries have arrested 306…
Threat Actor Impersonates Booking.com in Phishing Scheme
Microsoft detailed a sophisticated campaign that relies on a social…
Hackers Exploit Stolen Certificates and Private Keys to Breach Organizations
Recent research has unveiled a concerning vulnerability within the realm…
How Each Pillar of the 1st Amendment is Under Attack
“Congress shall make no law respecting an establishment of religion,…
Microsoft Drops Another Massive Patch Update
A threat actor has already exploited one of the flaws…
Landmark Admin Suffers Major Breach, Exposing Data of 1.6M+ Users
Landmark Admin, LLC (“Landmark”), a Texas-based third-party administrator for life insurance carriers, has confirmed that a cyberattack compromised sensitive personal data belonging to more than […]
From Third-Party Vendors to U.S. Tariffs: The New Cyber Risks Facing Supply Chains
Introduction Cyber threats targeting supply chains have become a growing concern for businesses across industries. As companies continue to expand their reliance on third-party vendors, […]
Gamma AI Platform Abused in Phishing Chain to Spoof Microsoft SharePoint Logins
Threat actors are leveraging an artificial intelligence (AI) powered presentation platform named Gamma in phishing attacks to direct unsuspecting users to spoofed Microsoft login pages. […]
Firefox Fixes High-Severity Vulnerability Causing Memory Corruption via Race Condition
Mozilla has released Firefox 137.0.2, addressing a high-severity security flaw that could potentially allow attackers to exploit memory corruption. The fix comes following the discovery […]
APT29 Hackers Use GRAPELOADER in New Attack Against European Diplomats
Check Point Research (CPR) has uncovered a new targeted phishing campaign employing GRAPELOADER, a sophisticated initial-stage downloader, launched by the notorious Russian-linked hacking group APT29, […]
Product Walkthrough: A Look Inside Wing Security’s Layered SaaS Identity Defense
Intro: Why hack in when you can log in? SaaS applications are the backbone of modern organizations, powering productivity and operational efficiency. But every new […]
New BPFDoor Controller Enables Stealthy Lateral Movement in Linux Server Attacks
Cybersecurity researchers have unearthed a new controller component associated with a known backdoor called BPFDoor as part of cyber attacks targeting telecommunications, finance, and retail […]
Tails 6.14.2 Released with Critical Fixes for Linux Kernel Vulnerabilities
The Tails Project has urgently released Tails 6.14.2, addressing critical security vulnerabilities in the Linux kernel and the Perl programming language. This emergency release is vital […]
Hacktivist Group Becomes More Sophisticated, Targets Critical Infrastructure to Deploy Ransomware
A recent report by Cyble has shed light on the evolving tactics of hacktivist groups, moving beyond traditional cyber disruptions like DDoS attacks and website […]