Meta on Thursday revealed that it disrupted three covert influence operations originating from Iran, China, and Romania during the first quarter of 2025. “We detected […]
‘Everest Group’ Extorts Global Orgs via SAP’s HR Tool
In addition to Coca-Cola, entities in Abu Dhabi, Jordan, Namibia, South Africa, and Switzerland are experiencing extortion attacks, all involving stolen SAP SuccessFactor data. ​The […]
U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams
Image: Shutterstock, ArtHead. The U.S. government today imposed economic sanctions on Funnull Technology Inc., a Philippines-based company that provides computer infrastructure for hundreds of thousands […]
Warning: Threat actors now abusing Google Apps Script in phishing attacks
Threat actors have discovered a way to abuse Google Apps Scripts to sneak links to malicious websites past phishing defenses. According to new research from […]
APT41 Uses Google Calendar Events for C2
APT41, a Chinese state-sponsored threat actor also known as “Double Dragon,” used Google Calendar as command-and-control infrastructure during a campaign last fall. ​The original article […]
New Botnet Plants Persistent Backdoors in ASUS Routers
Thousands of ASUS routers have been infected and are believed to be part of a wide-ranging ORB network affecting devices from Linksys, D-Link, QNAP, and […]
Poisoned models in fake Alibaba SDKs show challenges of securing AI supply chains
Developers have been increasingly targeted by attackers in recent years with fake software packages on open-source component repositories — a supply chain attack technique that […]
Zscaler’s Buyout of Red Canary Shows Telemetry’s Value
Red Canary’s MDR portfolio complements Zscaler’s purchase last year of Israeli startup Avalor, which automates collection, curation, and enrichment of security data. ​The original article […]
SentinelOne Reports Services Are Back Online After Global Outage
The outage reportedly hit 10 commercial customer consoles for SentinelOne’s Singularity platform, including Singularity Endpoint, XDR, Cloud Security, Identity, Data Lake, RemoteOps, and more. ​The […]
Victoria’s Secret Goes Offline After ‘Incident’ Claims
The lingerie retailer isn’t revealing much about the security incident it’s dealing with but has brought in third-party experts to address the issue. ​The original […]