A critical infrastructure entity within Ukraine was targeted by a previously unseen data wiper malware named PathWiper, according to new findings from Cisco Talos. “The […]
New pathWiper Malware Targets Critical Infrastructure to Deploy Admin Tools
Cisco Talos has uncovered a sophisticated and destructive cyberattack targeting a critical infrastructure entity in Ukraine, deploying a previously unknown wiper malware dubbed “PathWiper.” This […]
Don’t give hacktivists what they really want
Recently, several important Swedish services have been hit by distributed denial-of-service attacks: a few weeks ago it was Swish, before that it was Bank-id, and […]
PoC Exploit Released for Apache Tomcat DoS Vulnerability
A critical memory leak vulnerability in Apache Tomcat’s HTTP/2 implementation (CVE-2025-31650) has been weaponized, enabling unauthenticated denial-of-service attacks through malformed priority headers. The flaw affects […]
Paste.ee Turned Cyber Weapon: XWorm and AsyncRAT Delivered by Malicious Actors
The widespread text-sharing website Paste.ee has been used as a weapon by bad actors to spread powerful malware strains like XWorm and AsyncRAT, which is […]
Hackers Exploit Roundcube Vulnerability to Steal User Credentials via XSS Attack
A recent spearphishing campaign targeting Polish entities has been attributed with high confidence to the UNC1151 threat actor, a group linked to Belarusian state interests […]
CISOs urged to push vendors for roadmaps on post-quantum cryptography readiness
CISOs have been urged to demand clear post-quantum cryptography (PQC) readiness roadmaps from vendors and partners to combat the looming threat of cryptographically relevant quantum […]
Cybersecurity in der Lieferkette: Wie Sie Ihre Software-Supply-Chain schützen
Um Ihre Software-Lieferkette zu schützen, kann Generative AI sehr hilfreich sein. NTPY -Shutterstock.com Es klingt wie ein Agentenkrimi: Unbekannten Drahtziehern ist es gelungen, eine Hintertür […]
CISA asks CISOs: Does that asset really have to be on the internet?
The US Cybersecurity and Infrastructure Security Agency (CISA) this week issued guidance to infosec pros on ways they can find insecure IT and OT systems, […]
SecOps Need to Tackle AI Hallucinations to Improve Accuracy
AI is increasingly embedded into threat detection and response tools, but hallucinations can lead to false positive and inaccurate guidance. The AI-associated risk can’t be […]