_Panther_Media_Global_Alamy.jpg?width=1280&auto=webp&quality=80&disable=upscale)
Security is everyone’s responsibility, but as a CISO, it starts with you. ​The original article found on darkreading Read More
Attackers Target the Foundations of Crypto: Smart Contracts
A whole criminal ecosystem revolves around scamming users out of their cryptocurrency assets, but malicious — or vulnerable — smart contracts could be used against […]
VexTrio TDS Deploys Malicious VPN Apps on Google Play and App Store
VexTrio, a sophisticated threat actor known for operating a massive traffic distribution system (TDS), has expanded its malicious activities by deploying fake VPN applications on […]
Columbia University Data Breach Exposes Personal and Financial Data of 870,000
Columbia University disclosed a significant cybersecurity incident that compromised personal and financial information of nearly 870,000 individuals, making it one of the largest data breaches […]
RubyGems, PyPI Hit by Malicious Packages Stealing Credentials, Crypto, Forcing Security Changes
A fresh set of 60 malicious packages has been uncovered targeting the RubyGems ecosystem by posing as seemingly innocuous automation tools for social media, blogging, […]
Leaked Credentials Up 160%: What Attackers Are Doing With Them
When an organization’s credentials are leaked, the immediate consequences are rarely visible—but the long-term impact is far-reaching. Far from the cloak-and-dagger tactics seen in fiction, […]
PyPI Issues Advisory to Prevent ZIP Parser Confusion Attacks on Python Package Installers
The Python Package Index (PyPI) has announced new restrictions aimed at mitigating ZIP parser confusion attacks that could exploit discrepancies in how Python package installers […]
Windows UAC Bypass Exploits Character Map Tool for Privilege Escalation
Cybersecurity researchers have uncovered a new technique that allows attackers to bypass Windows User Account Control (UAC) protections by exploiting an unexpected vulnerability in the […]
Multiple Security Vulnerabilities Found in WWBN AVideo, MedDream, and Eclipse ThreadX
Cisco Talos’ Vulnerability Discovery & Research team has disclosed a total of 12 critical security vulnerabilities across three popular software platforms, highlighting significant security risks […]
Record-Breaking GreedyBear Attack Uses 650 Hacking Tools to Steal $1M from Victims
The threat actor group dubbed GreedyBear has orchestrated an industrial-scale operation blending malicious browser extensions, executable malware, and phishing infrastructure to siphon over $1 million […]