Unpatched TP-Link Archer routers have become the target of a new botnet campaign dubbed Ballista, according to new findings from the Cato CTRL team. “The […]
‘Fog’ Hackers Troll Victims With DOGE Ransom Notes
Since January, threat actors distributing the malware have notched up…
‘Elusive Comet’ Attackers Use Zoom to Swindle Victims
The threat actor uses sophisticated social engineering techniques to infect…
Nation-State Threats Put SMBs in Their Sights
Cyberthreat groups increasingly see small and medium-sized businesses, especially those…
Infostealer Attacks Surge 84% Weekly Through Phishing Emails
The volume of infostealer malware distributed through phishing emails has…
North Korean IT Workers Use Real-Time Deepfakes to Infiltrate Organizations Through Remote Jobs
A division of Palo Alto Networks, have revealed a sophisticated…
Chinese Smishing Kit Powers Widespread Toll Fraud Campaign Targeting U.S. Users in 8 States
Cybersecurity researchers are warning of a "widespread and ongoing" SMS phishing campaign that's been targeting toll road users in the United States for financial theft since mid-October 2024. "The toll road smishing attacks are being carried out by multiple financially motivated threat actors using the smishing kit developed by 'Wang Duo Yu,'" Cisco Talos researchers Azim Khodjibaev, Chetan ​The original article found on The Hacker News Read More
‘Fog’ Hackers Troll Victims With DOGE Ransom Notes
Since January, threat actors distributing the malware have notched up…
‘Elusive Comet’ Attackers Use Zoom to Swindle Victims
The threat actor uses sophisticated social engineering techniques to infect…
Nation-State Threats Put SMBs in Their Sights
Cyberthreat groups increasingly see small and medium-sized businesses, especially those…
Nation-State Threats Put SMBs in Their Sights
Cyberthreat groups increasingly see small and medium businesses, especially those…
Kimsuky Exploits BlueKeep RDP Vulnerability to Breach Systems in South Korea and Japan
Cybersecurity researchers have flagged a new malicious campaign related to…
Microsoft Windows File Explorer Vulnerability Let Attackers Perform Network Spoofing – PoC Released
A critical vulnerability in Windows File Explorer, identified as CVE-2025-24071,…
The Identities Behind AI Agents: A Deep Dive Into AI & NHI
AI agents have rapidly evolved from experimental technology to essential…
Securing Satellite Communications by Encrypting Videos on Satellite Payloads
The security of video data transmitted through satellite communications has…
‘Fog’ Hackers Troll Victims With DOGE Ransom Notes
Since January, threat actors distributing the malware have notched up…
Apache Pinot Vulnerability Let Attackers Bypass Authentication
A critical security vulnerability (CVE-2024-56325) in Apache Pinot, the open-source…
_Brian_Jackson_Alamy.jpg)
Democratizing Security to Improve Security Posture
Analysts weigh in on how democratizing cybersecurity could benefit organizations, particularly SMBs, as threats increase across the landscape. ​The original article found on darkreading Read […]
Steganography Explained: How XWorm Hides Inside Images
Inside the most innocent-looking image, a breathtaking landscape, or a funny meme, something dangerous could be hiding, waiting for its moment to strike. No strange […]
Your Risk Scores Are Lying: Adversarial Exposure Validation Exposes Real Threats
In cybersecurity, confidence is a double-edged sword. Organizations often operate under a false sense of security, believing that patched vulnerabilities, up-to-date tools, polished dashboards, and […]
Moxa Issues Fix for Critical Authentication Bypass Vulnerability in PT Switches
Taiwanese company Moxa has released a security update to address a critical security flaw impacting its PT switches that could permit an attacker to bypass […]
SideWinder APT Targets Maritime, Nuclear, and IT Sectors Across Asia, Middle East, and Africa
Maritime and logistics companies in South and Southeast Asia, the Middle East, and Africa have become the target of an advanced persistent threat (APT) group […]
.webp)
Ragnar Loader Employed By Multiple Ransomware Groups To Evade Detection
A sophisticated malware toolkit known as Ragnar Loader has been identified as a critical component in targeted ransomware attacks. The loader, also known as Sardonic […]
CISA Adds Five Actively Exploited Vulnerabilities in Advantive VeraCore and Ivanti EPM to KEV List
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added five security flaws impacting Advantive VeraCore and Ivanti Endpoint Manager (EPM) to its Known […]
Top 11 Passwordless Authentication Tools – 2025
Passwordless authentication tools are revolutionizing digital security by eliminating the reliance on traditional passwords. Instead, they use advanced technologies such as biometrics (fingerprints, facial recognition), […]
CISA Adds 3 Ivanti Endpoint Manager Bugs to Known Exploited Vulnerabilities Catalog
Today CISA added three Ivanti Endpoint Manager (EPM) vulnerabilities CVE-2024-13159, CVE-2024-13160, and CVE-2024-13161 to its Known Exploited Vulnerabilities (KEV) catalog. These absolute path traversal flaws […]