An alarming data leak involving Microsoft Defender XDR has exposed more than 1,700 sensitive documents from hundreds of organizations, following a chain reaction triggered by […]
Why NHIs Are Security’s Most Dangerous Blind Spot
When we talk about identity in cybersecurity, most people think of usernames, passwords, and the occasional MFA prompt. But lurking beneath the surface is a […]
SAP Confirms Critical NetWeaver Flaw Amid Suspected Zero-Day Exploitation by Hackers
Threat actors are likely exploiting a new vulnerability in SAP NetWeaver to upload JSP web shells with the goal of facilitating unauthorized file uploads and […]
DslogdRAT Malware Deployed via Ivanti ICS Zero-Day CVE-2025-0282 in Japan Attacks
Cybersecurity researchers are warning about a new malware called DslogdRAT that’s installed following the exploitation of a now-patched security flaw in Ivanti Connect Secure (ICS). […]
Researchers Identify Rack::Static Vulnerability Enabling Data Breaches in Ruby Servers
Cybersecurity researchers have disclosed three security flaws in the Rack Ruby web server interface that, if successfully exploited, could enable attackers to gain unauthorized access […]
6 types of risk every organization must manage — and 4 strategies for doing it
Risk management is the process of identifying, analyzing, and mitigating uncertainties and threats that can harm your organization. That’s a straightforward description of a generic […]
Cybercriminals switch up their top initial access vectors of choice
Third-party involvement in breaches and exploitation of vulnerabilities have become more important factors in security breaches, according to the latest edition of Verizon’s Data Breach […]
Hackers Exploit MS-SQL Servers to Deploy Ammyy Admin for Remote Access
A sophisticated cyberattack campaign has surfaced, targeting poorly managed Microsoft SQL (MS-SQL) servers to deploy malicious tools like Ammyy Admin and PetitPotato malware. Cybersecurity researchers […]
‘SessionShark’ – A New Toolkit Bypasses Microsoft Office 365 MFA Security
Security researchers have uncovered a new and sophisticated threat to Microsoft Office 365 users: a phishing-as-a-service toolkit dubbed “SessionShark O365 2FA/MFA.” Promoted through cybercriminal marketplaces, […]
FBI Offers $10 Million Reward for information on Salt Typhoon Hackers
The Federal Bureau of Investigation (FBI), in partnership with the U.S. Department of State, has announced a reward of up to $10 million for information […]