LayerX, a cybersecurity firm, has uncovered a sophisticated network of malicious browser extensions, dubbed “sleeper agents,” that are currently installed on nearly 1.5 million devices […]
Your SaaS Data Isn’t Safe: Why Traditional DLP Solutions Fail in the Browser Era
Traditional data leakage prevention (DLP) tools aren’t keeping pace with the realities of how modern businesses use SaaS applications. Companies today rely heavily on SaaS […]
Windows Authentication Coercion Attacks Present Major Risks to Enterprise Networks
Authentication coercion remains a potent attack vector in Windows environments, enabling attackers with even low-privileged domain accounts to force targeted systems, often high-value servers or […]
Malicious PyPI, npm, and Ruby Packages Exposed in Ongoing Open-Source Supply Chain Attacks
Several malicious packages have been uncovered across the npm, Python, and Ruby package repositories that drain funds from cryptocurrency wallets, erase entire codebases after installation, […]
APT37 Hackers Fake Academic Forum Invites to Deliver Malicious LNK Files via Dropbox Platform
The North Korean state-sponsored hacking group APT37 has launched a sophisticated spear phishing campaign in March 2025, targeting activists focused on North Korean issues. Disguised […]
35,000 Internet-Connected Solar Power Systems Vulnerable to Cyberattacks
Forescout Research Vedere Labs has uncovered that nearly 35,000 solar power devices, including inverters, data loggers, and gateways from 42 vendors, are exposed on the […]
Wireshark Certified Analyst – Wireshark Released Official Certification for Security Professionals
The Wireshark Foundation has officially launched the Wireshark Certified Analyst (WCA-101) certification, marking a significant milestone for IT professionals and network engineers worldwide. Designed by […]
IBM QRadar Vulnerabilities Expose Sensitive Configuration Files to Attackers
IBM has issued a security bulletin highlighting multiple vulnerabilities in its QRadar Suite Software and Cloud Pak for Security platforms. The flaws, which range from […]
New Malware Attack Uses Malicious Chrome & Edge Extensions to Steal Sensitive Data
Cybersecurity experts from Positive Technologies’ Security Expert Center have uncovered a sophisticated malicious campaign dubbed “Phantom Enigma,” primarily targeting Brazilian residents while also affecting organizations […]
New Crocodilus Malware Grants Full Control Over Android Devices
The Mobile Threat Intelligence (MTI) team identified a formidable new player in the mobile malware landscape: Crocodilus, an Android banking Trojan designed for device takeover. […]