Security researchers say multiple threat groups, including Iran’s Charming Kitten APT offshoot Subtle Snail, are deploying malware with code-signing certificates from the Houston-based company. The […]
Top 10 Best AI Penetration Testing Companies in 2025
In 2025, AI penetration testing tools have become the backbone of modern cybersecurity strategies, offering automation, intelligence-driven reconnaissance, and vulnerability analysis faster than traditional manual […]
Prep is Underway, But 2026 FIFA World Cup Poses Significant Cyber Challenges
The world’s most-popular sports contest starts in June 2026 across 16 venues in three countries: Securing the event infrastructure from cyber threats will require massive […]
Researchers Expose SVG and PureRAT Phishing Threats Targeting Ukraine and Vietnam
A new campaign has been observed impersonating Ukrainian government agencies in phishing attacks to deliver CountLoader, which is then used to drop Amatera Stealer and […]
Trust in MCP takes first in-the-wild hit via squatted Postmark connector
In a newly disclosed supply-chain attack, an npm package “postmark-mcp” was weaponized to stealthily exfiltrate emails, marking the first reported in-the-wild abuse of user trust […]
Keeper Security Integration with Google SecOps Expands Visibility into Privileged Access
Keeper Security has announced a new integration with Google Security Operations (GoogleSecOps). The integration streams privileged access activity from Keeper into the Google SecOps platform, […]
New COLDRIVER Malware Campaign Joins BO Team and Bearlyfy in Russia-Focused Cyberattacks
The Russian advanced persistent threat (APT) group known as COLDRIVER has been attributed to a fresh round of ClickFix-style attacks designed to deliver two new […]
.webp?ssl=1)
Malicious MCP Server Discovered Stealing Sensitive Emails Using AI Agents
Enterprises everywhere are embracing MCP servers—tools that grant AI assistants “god-mode” permissions to send emails, run database queries, and automate tedious tasks. But no one […]
Crash Tests for Security: Why BAS Is Proof of Defense, Not Assumptions
Car makers don’t trust blueprints. They smash prototypes into walls. Again and again. In controlled conditions. Because design specs don’t prove survival. Crash tests do. […]
Apache Airflow Vulnerability Lets Read-Only Users Access Sensitive Data
Apache Airflow maintainers have disclosed a serious security issue, tracked as CVE-2025-54831, that allows users holding only read permissions to view sensitive connection details via […]