A cybersecurity researcher has successfully broken the encryption used by the Linux/ESXI variant of the Akira ransomware, enabling data recovery without paying the ransom demand. […]
5 Major Concerns With Employees Using The Browser
As SaaS and cloud-native work reshape the enterprise, the web…
Phishers Exploit Google Sites and DKIM Replay to Send Signed Emails, Steal Credentials
In what has been described as an "extremely sophisticated phishing…
New Rust-Based Botnet Hijacks Routers to Inject Remote Commands
A new malware named “RustoBot” has been discovered exploiting vulnerabilities…
Latest Lumma InfoStealer Variant Found Using Code Flow Obfuscation
Researchers have uncovered a sophisticated new variant of the notorious…
Magecart Launches New Attack Using Malicious JavaScript to Steal Credit Card Data
The notorious Magecart group has been identified by the Yarix…
Chinese Smishing Kit Powers Widespread Toll Fraud Campaign Targeting U.S. Users in 8 States
Cybersecurity researchers are warning of a "widespread and ongoing" SMS phishing campaign that's been targeting toll road users in the United States for financial theft since mid-October 2024. "The toll road smishing attacks are being carried out by multiple financially motivated threat actors using the smishing kit developed by 'Wang Duo Yu,'" Cisco Talos researchers Azim Khodjibaev, Chetan The original article found on The Hacker News Read More
Phishers Exploit Google Sites and DKIM Replay to Send Signed Emails, Steal Credentials
In what has been described as an "extremely sophisticated phishing…
5 Major Concerns With Employees Using The Browser
As SaaS and cloud-native work reshape the enterprise, the web…
FBI Alerts Public to Scammers Posing as IC3 Officials in Fraud Scheme
The Federal Bureau of Investigation (FBI) has issued a warning…
Japan Sounds Alarm Over Hackers Draining Millions from Compromised Trading Accounts
Cybersecurity in Japan has hit a new low as the…
Magecart Launches New Attack Using Malicious JavaScript to Steal Credit Card Data
The notorious Magecart group has been identified by the Yarix…
New NPM Attack Infecting Local Packages With Cleverly Hidden Malicious Payload
The NPM package repository remains active, and despite a decline…
WinRAR “Mark of the Web” Bypass Vulnerability Let Attackers Arbitrary Code
A newly disclosed vulnerability in WinRAR allows attackers to bypass…
Cloud Security Challenges Every CISO Must Address in Hybrid Environments
Hybrid cloud environments, which blend on-premises infrastructure with public and…
Kali Linux 2025.1a New Tool & Upates to Desktop Environments
Kali Linux, the widely acclaimed cybersecurity-focused distribution, has officially unveiled its latest…
Splunk RCE Vulnerability Let Attackers Execute Arbitrary Code Via File Upload
Splunk has released patches to address a high-severity Remote Code…
New Campaign Attacking PyPI Users to Steal Sensitive Data Including Cloud Tokens
Security researchers have uncovered a sophisticated malware campaign targeting users of the Python Package Index (PyPI), Python’s official third-party software repository. This latest attack vector […]
Microsoft365 Themed Attack Leveraging OAuth Redirection for Account Takeover
Two sophisticated phishing campaigns were observed targeting Microsoft 365 users by exploiting OAuth redirection vulnerabilities combined with brand impersonation techniques. Threat researchers are warning organizations […]
New MassJacker Malware Targets Piracy Users, Hijacking Cryptocurrency Transactions
Users searching for pirated software are the target of a new malware campaign that delivers a previously undocumented clipper malware called MassJacker, according to findings […]
SuperBlack Actors Exploiting Two Fortinet Vulnerabilities to Deploy Ransomware
Between late January and early March 2025, cybersecurity researchers at Forescout’s Vedere Labs uncovered a series of sophisticated intrusions leveraging critical Fortinet vulnerabilities. The attacks, […]
OBSCURE#BAT Malware Uses Fake CAPTCHA Pages to Deploy Rootkit r77 and Evade Detection
A new malware campaign has been observed leveraging social engineering tactics to deliver an open-source rootkit called r77. The activity, condemned OBSCURE#BAT by Securonix, enables […]
What is QR Code Phishing? (Quishing) – Attack & Prevention Guide in 2025
QR code Phishing, or “Quishing,” is a cyber threat that exploits the widespread use of QR (Quick Response) codes in phishing attacks. Quishing takes advantage […]
Top 10 Best Cyber Attack Simulation Tools – 2025
Cyber attack simulation tools help organizations identify vulnerabilities, test security defenses, and improve their cybersecurity posture by simulating real-world attacks. These tools range from breach […]
FBI, CISA Raise Alarms As Medusa Ransomware Attacks Grow
Medusa developers have been targeting a wide variety of critical infrastructure sectors, from healthcare and technology to manufacturing and insurance, racking up its victim count […]
OBSCURE#BAT Malware Highlights Risks of API Hooking
Researchers discovered an attack chain that uses several layers of obfuscated batch files and PowerShell scripts to deliver an advanced and persistent rootkit. The original […]