The phishing operation is using Telegram groups to sell a phishing-as-a-service kit with customer service, a mascot, and infrastructure that requires little technical knowledge to […]
Victoria’s Secret Website Taken Offline After Cybersecurity Breach
Victoria’s Secret, the iconic lingerie retailer, has taken its US website offline and suspended some in-store services following a major cybersecurity incident. Customers attempting to […]
New Research Reveals Key TCP SYN Patterns for Detecting Malicious Activity
A groundbreaking study by NETSCOUT, utilizing data from their honeypot systems designed to capture unsolicited internet traffic, has shed light on the intricate patterns within […]
Critical Dell PowerStore T Vulnerability Allows Full System Compromise
As part of its ongoing commitment to product security, Dell Technologies has released a significant update for the PowerStore T family, remediating a series of […]
CISA Releases Dedicated SIEM & SOAR Guide for Cybersecurity Professionals
Security Information and Event Management (SIEM) platforms are essential for detecting, analyzing, and responding to cybersecurity threats in real time. However, the effectiveness of a […]
New ChoiceJacking Exploit Targets Android and iOS via Infected Charging Ports
A team of cybersecurity researchers from the Institute of Information Security and A-SIT Secure Information Technology Centre Austria has unveiled a new class of USB-based […]
New Spear-Phishing Campaign Targets Financial Executives with NetBird Malware
Trellix’s email security systems detected a highly targeted spear-phishing campaign aimed at CFOs and finance executives across industries like banking, energy, insurance, and investment firms […]
Woodpecker: Red Teaming Tool Targets AI, Kubernetes, and API Vulnerabilities
Operant AI has announced the release of Woodpecker, an open-source automated red teaming engine designed to make advanced security testing accessible to organizations of all […]
Chinese APT41 Exploits Google Calendar for Malware Command-and-Control Operations
Google on Wednesday disclosed that the Chinese state-sponsored threat actor known as APT41 leveraged a malware called TOUGHPROGRESS that uses Google Calendar for command-and-control (C2). […]
Malicious WordPress Plugin Disguised as Java Update Infects Site Visitors
A troubling new cyber threat has emerged targeting WordPress websites, where a malicious plugin masquerading as a legitimate tool tricks visitors into downloading harmful software. […]