The China-linked cyber espionage group tracked as APT41 has been attributed to a new campaign targeting government IT services in the African region. “The attackers […]
KAWA4096 Ransomware Employs WMI Techniques to Delete Backup Snapshots
Trustwave SpiderLabs has played a crucial role in monitoring new ransomware variants in the incredibly unstable ransomware threat landscape of 2025, where dozens of new […]
Iran-Linked DCHSpy Android Malware Masquerades as VPN Apps to Spy on Dissidents
Cybersecurity researchers have unearthed new Android spyware artifacts that are likely affiliated with the Iranian Ministry of Intelligence and Security (MOIS) and have been distributed […]
Attackers Can Exploit Lighthouse Studio RCE Bug to Gain Server Access
Researchers at Assetnote have uncovered a critical remote code execution (RCE) vulnerability in Lighthouse Studio, a widely used survey software developed by Sawtooth Software. This […]
AI-Powered Cloaking Tools Help Threat Actors Hide Malicious Domains from Security Scans
Threat actors are increasingly adopting AI-powered cloaking services to obfuscate phishing domains, counterfeit e-commerce sites, and malware distribution endpoints from automated security scanners. This technique, […]
_Charlotte_Allen_Alamy.jpg?width=1280&auto=webp&quality=80&disable=upscale)
Containment as a Core Security Strategy
We cannot keep reacting to vulnerabilities as they emerge. We must assume the presence of unknown threats and reduce the blast radius that they can […]
Snake Keylogger Uses Persistence via Scheduled Tasks to Steal Login Data Undetected
Researchers have uncovered a sophisticated phishing campaign zeroing in on Turkish enterprises, with a particular focus on the defense and aerospace industries. Threat actors are […]
Microsoft Rushes Emergency Patch for Actively Exploited SharePoint ‘ToolShell’ Bug
Malicious actors already have already pounced on the zero-day vulnerability, tracked as CVE-2025-53770, to compromise US government agencies and other businesses in ongoing and widespread […]
Microsoft Fix Targets Attacks on SharePoint Zero-Day
On Sunday, July 20, Microsoft Corp. issued an emergency security update for a vulnerability in SharePoint Server that is actively being exploited to compromise vulnerable […]
Researchers Release PoC Exploit for High-Severity NVIDIA AI Toolkit Bug
Wiz Research has disclosed a severe vulnerability in the NVIDIA Container Toolkit (NCT), dubbed #NVIDIAScape and tracked as CVE-2025-23266 with a CVSS score of 9.0, […]