Cybersecurity researchers have stumbled upon a treasure trove of operational tools and scripts linked to the KeyPlug malware, associated with the threat group RedGolf, also […]
APT29 Deploys GRAPELOADER Malware Targeting European Diplomats Through Wine-Tasting Lures
The Russian state-sponsored threat actor known as APT29 has been…
Rogue npm Packages Mimic Telegram Bot API to Plant SSH Backdoors on Linux Systems
Cybersecurity researchers have uncovered three malicious packages in the npm…
10 Best Patch Management Tools 2025
In today’s digital landscape, maintaining secure and efficient IT systems…
10 Best Cloud Security Solutions 2025
In today’s digital era, businesses are increasingly adopting cloud computing…
Chinese Hackers Exploit Ivanti Connect Secure Flaw to Gain Unauthorized Access
In a sophisticated cyber-espionage operation, a group known as UNC5221,…
Chinese Smishing Kit Powers Widespread Toll Fraud Campaign Targeting U.S. Users in 8 States
Cybersecurity researchers are warning of a "widespread and ongoing" SMS phishing campaign that's been targeting toll road users in the United States for financial theft since mid-October 2024. "The toll road smishing attacks are being carried out by multiple financially motivated threat actors using the smishing kit developed by 'Wang Duo Yu,'" Cisco Talos researchers Azim Khodjibaev, Chetan ​The original article found on The Hacker News Read More
APT29 Deploys GRAPELOADER Malware Targeting European Diplomats Through Wine-Tasting Lures
The Russian state-sponsored threat actor known as APT29 has been…
Rogue npm Packages Mimic Telegram Bot API to Plant SSH Backdoors on Linux Systems
Cybersecurity researchers have uncovered three malicious packages in the npm…
Chinese Hackers Exploit Ivanti Connect Secure Flaw to Gain Unauthorized Access
In a sophisticated cyber-espionage operation, a group known as UNC5221,…
10 Best Cloud Security Solutions 2025
In today’s digital era, businesses are increasingly adopting cloud computing…
10 Best Patch Management Tools 2025
In today’s digital landscape, maintaining secure and efficient IT systems…
Your Risk Scores Are Lying: Adversarial Exposure Validation Exposes Real Threats
In cybersecurity, confidence is a double-edged sword. Organizations often operate…
Gladinet’s Triofox and CentreStack Under Active Exploitation via Critical RCE Vulnerability
A recently disclosed security flaw in Gladinet CentreStack also impacts…
What PCI DSS v4 Really Means – Lessons from A&F Compliance Journey
Access on-demand webinar here Avoid a $100,000/month Compliance Disaster March…
VMware Patches Multiple 47 Vulnerabilities VMware Tanzu Greenplum Backup & Components
VMware has released critical security updates to address 47 vulnerabilities…
Hacker Weaponizing Hard Disk Image Files To Deliver VenomRAT
A sophisticated phishing campaign is leveraging virtual hard disk (.vhd)…
Multi-Stage Malware Attack Uses .JSE and PowerShell to Deploy Agent Tesla and XLoader
A new multi-stage attack has been observed delivering malware families like Agent Tesla variants, Remcos RAT, and XLoader. “Attackers increasingly rely on such complex delivery […]
Gain Legends International Suffers Security Breach – Customers Data Stolen
Gain Legends International, a prominent name in sports, entertainment, and venue management, has confirmed a significant cybersecurity breach that has compromised the personal information of […]
Critical AnythingLLM Vulnerability Exposes Systems to Remote Code Execution
A critical security flaw (CVE-2024-13059) in the open-source AI framework AnythingLLM has raised alarms across cybersecurity communities. The vulnerability, discovered in February 2025, allows attackers with administrative […]
State Sponsored Hackers now Widely Using ClickFix Attack Technique in Espionage Campaigns
The state-sponsored hackers from North Korea, Iran, and Russia have begunp deploying the ClickFix social engineering technique, traditionally associated with cybercriminal activities, into their espionage […]
Microsoft Prevents Billions of Dollars in Fraud and Scams
Microsoft has reported significant strides in thwarting financial fraud across its ecosystem. From April 2024 to April 2025, the tech giant managed to prevent approximately […]
PromptArmor Launches to Help Assess, Monitor Third-Party AI Risks
The AI security startup has already made waves with critical vulnerability discoveries and seeks to address emerging AI concerns with its PromptArmor platform. ​The original […]
Over 6 Million Chrome Extensions Found Executing Remote Commands
Security researchers have uncovered a network of over 35 Google Chrome extensions—collectively installed on more than 6 million browsers—secretly executing remote commands and potentially spying […]
Global Zoom Outage Linked to Server Block by GoDaddy Registry
Millions of users worldwide experienced a sudden disruption of Zoom services on April 16, as the popular video conferencing platform suffered a global outage traced […]
Bubble.io 0-Day Flaw Lets Attackers Run Arbitrary Queries on Elasticsearch
A vulnerability in Bubble.io, a leading no-code development platform, has exposed thousands of applications to data breaches. The flaw allows attackers to bypass security controls […]