A newly identified Android phishing campaign is aggressively targeting Indian users by masquerading as the legitimate PM Surya Ghar: Muft Bijli Yojana, a government initiative […]
Microsoft Defender AI Can Detect Plaintext Credentials in Active Directory
Microsoft has unveiled a new AI-powered security capability that addresses one of cybersecurity’s most persistent vulnerabilities: plaintext credentials stored in Active Directory systems. The enhanced […]
PyPI Moves to Stop Domain Resurrection Attacks with Expired Domain Blocks
The Python Package Index (PyPI) has implemented new security measures to protect against domain resurrection attacks, a sophisticated supply-chain threat where attackers purchase expired domains […]
Lockbit Linux ESXi Ransomware Variant Reveals Evasion Techniques and File Encryption Process
A recent reverse engineering analysis of a Lockbit ransomware variant targeting Linux-based ESXi servers has uncovered several sophisticated evasion techniques and operational details. The malware, […]
PyPI Blocks 1,800 Expired-Domain Emails to Prevent Account Takeovers and Supply Chain Attacks
The maintainers of the Python Package Index (PyPI) repository have announced that the package manager now checks for expired domains to prevent supply chain attacks. […]
7 signs it’s time for a managed security service provider
A managed security service provider (MSSP) offers clients a comprehensive array of security services. Operating as a third party, an MSSP can reduce an IT […]
Microsoft Entra Private Access brings conditional access to on-prem Active Directory
Attackers are increasingly targeting cloud resources, but that doesn’t mean they no longer see our on-premises Active Directory installations as excellent targets for gaining access […]
New Sni5Gect Attack Targets 5G to Steal Messages and Inject Payloads
Cybersecurity researchers at Singapore University of Technology and Design have unveiled a sophisticated new attack framework called SNI5GECT that can intercept 5G communications and inject malicious payloads […]
PipeMagic Malware Imitates ChatGPT App to Exploit Windows Vulnerability and Deploy Ransomware
The PipeMagic malware, which is credited to the financially motivated threat actor Storm-2460, is a remarkable illustration of how cyber dangers are always changing. It […]
Malicious npm Packages Target Crypto Developers to Steal Login Credentials
A sophisticated threat campaign dubbed “Solana-Scan” has emerged, deploying malicious npm packages aimed at infiltrating the Solana cryptocurrency ecosystem. Identified by the Safety research team […]