The Raspberry Robin malware, also known as Roshtyak, has undergone substantial updates that enhance its evasion and persistence on Windows systems. Active since 2021 and […]
Chollima APT Group Targets Job Seekers and Organizations with JavaScript-Based Malware
The North Korean-linked Chollima advanced persistent threat (APT) group, also known as Famous Chollima, has been orchestrating a persistent cyber espionage campaign since at least […]
Top cybersecurity M&A deals for 2025
Cybersecurity continues to remain one of the biggest concerns in global information technology for a litany of reasons that are all too familiar to cybersecurity […]
Ransomware goes cloud native to target your backup infrastructure
Ransomware groups and other cybercriminals are increasingly targeting cloud-based backup systems, challenging long-established approaches to disaster recovery. Attacks on cloud-based backups are becoming increasingly commonplace […]
5 hard truths of a career in cybersecurity — and how to navigate them
Cybersecurity is an exceptionally promising career path. Demand for cyber talent is high, as is compensation, with average base salaries for leading functional roles topping […]
15,000 Fake TikTok Shop Domains Deliver Malware, Steal Crypto via AI-Driven Scam Campaign
Cybersecurity researchers have lifted the veil on a widespread malicious campaign that’s targeting TikTok Shop users globally with an aim to steal credentials and distribute […]
Streamlit Vulnerability Exposes Users to Cloud Account Takeover Attacks
A critical security flaw in Streamlit, the popular open-source framework for building data applications, has been discovered that could allow cybercriminals to execute cloud account […]
SonicWall Investigating Potential SSL VPN Zero-Day After 20+ Targeted Attacks Reported
SonicWall said it’s actively investigating reports to determine if there is a new zero-day vulnerability following reports of a spike in Akira ransomware actors in […]
WAF Protections Bypassed via JS Injection and Parameter Pollution for XSS Attacks
A groundbreaking security research has revealed that parameter pollution techniques combined with JavaScript injection can bypass 70% of modern Web Application Firewalls (WAFs), raising serious concerns […]
LegalPwn Attack Tricks AI Tools Like ChatGPT and Gemini into Running Malicious Code
Security researchers have discovered a new type of cyberattack that exploits how AI tools process legal text, successfully tricking popular language models into executing dangerous […]