Cyberbytes Daily

When I first started thinking seriously about applying zero trust principles to the storage layer, it wasn’t because of some white paper or vendor presentation. […]

In an active, large-scale campaign, attackers are posing as legitimate brands on GitHub Pages to target macOS users with the data-skimming “Atomic” stealer. According to […]

In January 2025, Supermicro released patches addressing critical vulnerabilities in its Baseboard Management Controller (BMC) firmware validation logic. Despite these updates, subsequent research has uncovered […]

A newly disclosed flaw in OnePlus OxygenOS lets any app on a device read SMS and MMS messages without asking the user. Tracked as CVE-2025-10184, […]

U.S. prosecutors last week levied criminal hacking charges against 19-year-old U.K. national Thalha Jubair for allegedly being a core member of Scattered Spider, a prolific […]

Cisco Talos has uncovered a sophisticated, long-running campaign active since 2022 that leverages DLL search order hijacking to deliver a novel PlugX variant with overlapping […]

Phone, emails, and LinkedIn messages — CISOs are flooded with vendors pitching their security products. Outreach attempts can be up to 30 a week. Whether […]

SonicWall has released an urgent software update for its Secure Mobile Access (SMA) 100 Series appliances to remove a dangerous rootkit known as ‘OVERSTEP.’ This […]

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent security alert regarding an actively exploited zero-day vulnerability in Google Chrome.  The vulnerability, designated […]

Cloud security company Wiz has revealed that it uncovered in-the-wild exploitation of a security flaw in a Linux utility called Pandoc as part of attacks […]