Cybersecurity researchers have disclosed a malicious package uploaded to the Python Package Index (PyPI) repository that’s designed to reroute trading orders placed on the MEXC […]
Microsoft Teams File Sharing Unavailable Due to Unexpected Outage
Microsoft Teams users across the globe are experiencing significant disruptions in file-sharing capabilities due to an unexpected outage, impacting workplace communication and collaboration. A wave […]
Majority of Browser Extensions Can Access Sensitive Enterprise Data, New Report Finds
Everybody knows browser extensions are embedded into nearly every user’s daily workflow, from spell checkers to GenAI tools. What most IT and security people don’t […]
Critical Apache Roller Vulnerability (CVSS 10.0) Enables Unauthorized Session Persistence
A critical security vulnerability has been disclosed in the Apache Roller open-source, Java-based blogging server software that could allow malicious actors to retain unauthorized access […]
China-Backed Threat Actor ‘UNC5174’ Using Open Source Tools in Stealthy Attacks
Sysdig researchers detailed an ongoing campaign from China-backed threat actor UNC5174, which is using open source hacking tools to stay under the radar. The original […]
_Aleksey_Funtap_Alamy.jpg?width=1280&auto=webp&quality=80&disable=upscale)
Are We Prioritizing the Wrong Security Metrics?
True security isn’t about meeting deadlines — it’s about mitigating risk in a way that aligns with business objectives while protecting against real-world threats. The […]
Chinese Hackers Target Linux Systems Using SNOWLIGHT Malware and VShell Tool
The China-linked threat actor known as UNC5174 has been attributed to a new campaign that leverages a variant of a known malware dubbed SNOWLIGHT and […]
How to Conduct a Cloud Security Assessment
As organizations accelerate their adoption of cloud technologies, the need for robust cloud security has never been more urgent. Cloud environments offer scalability, flexibility, and […]
DOGE ‘Big Balls’ Ransomware Utilizes ZIP-Based LNK Shortcuts and BYOVD Techniques for Stealthy Attacks
A new and highly sophisticated ransomware campaign, dubbed “DOGE BIG BALLS Ransomware,” has recently come to light, demonstrating a blend of technical innovation and psychological […]
Cybercriminals Exploit EC2 Instance Metadata Vulnerability to Launch Attacks on Hosted Websites
Cybercriminals have launched a sophisticated campaign targeting websites hosted on Amazon Web Services (AWS) EC2 instances. This campaign, observed in March 2025, exploits a vulnerability […]