A critical security flaw in the GiveWP Donation Plugin tracked as CVE-2025-0912, has exposed over 100,000 WordPress websites to unauthenticated remote code execution (RCE) attacks. […]
APT29 Deploys GRAPELOADER Malware Targeting European Diplomats Through Wine-Tasting Lures
The Russian state-sponsored threat actor known as APT29 has been…
Rogue npm Packages Mimic Telegram Bot API to Plant SSH Backdoors on Linux Systems
Cybersecurity researchers have uncovered three malicious packages in the npm…
10 Best Patch Management Tools 2025
In today’s digital landscape, maintaining secure and efficient IT systems…
10 Best Cloud Security Solutions 2025
In today’s digital era, businesses are increasingly adopting cloud computing…
Chinese Hackers Exploit Ivanti Connect Secure Flaw to Gain Unauthorized Access
In a sophisticated cyber-espionage operation, a group known as UNC5221,…
Chinese Smishing Kit Powers Widespread Toll Fraud Campaign Targeting U.S. Users in 8 States
Cybersecurity researchers are warning of a "widespread and ongoing" SMS phishing campaign that's been targeting toll road users in the United States for financial theft since mid-October 2024. "The toll road smishing attacks are being carried out by multiple financially motivated threat actors using the smishing kit developed by 'Wang Duo Yu,'" Cisco Talos researchers Azim Khodjibaev, Chetan ​The original article found on The Hacker News Read More
APT29 Deploys GRAPELOADER Malware Targeting European Diplomats Through Wine-Tasting Lures
The Russian state-sponsored threat actor known as APT29 has been…
Rogue npm Packages Mimic Telegram Bot API to Plant SSH Backdoors on Linux Systems
Cybersecurity researchers have uncovered three malicious packages in the npm…
Chinese Hackers Exploit Ivanti Connect Secure Flaw to Gain Unauthorized Access
In a sophisticated cyber-espionage operation, a group known as UNC5221,…
10 Best Cloud Security Solutions 2025
In today’s digital era, businesses are increasingly adopting cloud computing…
10 Best Patch Management Tools 2025
In today’s digital landscape, maintaining secure and efficient IT systems…
Is the Middle East’s Race to Digitize a Threat to Infrastructure?
As the region continues with its ambitious road map, cybersecurity…
Microsoft March 2025 Patch Tuesday: Fixes for 57 Vulnerabilities & 6 Actively Exploited Zero-Days
Microsoft’s March 2025 Patch Tuesday addresses 57 vulnerabilities, including six…
Microsoft Warns of ClickFix Phishing Campaign Targeting Hospitality Sector via Fake Booking[.]com Emails
Microsoft has shed light on an ongoing phishing campaign that…
Russia-Linked Gamaredon Uses Troop-Related Lures to Deploy Remcos RAT in Ukraine
Entities in Ukraine have been targeted as part of a…
Apache Pinot Vulnerability Let Attackers Bypass Authentication
A critical security vulnerability (CVE-2024-56325) in Apache Pinot, the open-source…
Defending against USB drive attacks with Wazuh
USB drive attacks constitute a significant cybersecurity risk, taking advantage of the everyday use of USB devices to deliver malware and circumvent traditional network security […]
_Borka_Kiss_Alamy.jpg)
Why Security Leaders Are Opting for Consulting Gigs
Many CISOs are weighing the benefits of going virtual as a consultant. Can the pendulum swing in the other direction? ​  darkreading Read More
So werden PV-Anlagen digital angegriffen und geschützt
Unternehmen setzen vermehrt auf Solaranlagen mit Batteriespeichern, um hohe Energiekosten und Netzstabilitätsrisiken zu minimieren. Diese Systeme sind allerdings oft nicht gehärtet und damit ein immer […]
Polnische Raumfahrtbehörde kämpft mit Cyberattacke
Die polnische Raumfahrtbehörde POLSA wurde Ziel eines Cyberangriffs. BUTENKOV ALEKSEI – Shutterstock.com Wie die polnische Raumfahrtbehörde POLSA kürzlich über ihren X-Account mitteilte, ist es zu […]
China-Linked Silk Typhoon Expands Cyber Attacks to IT Supply Chains for Initial Access
The China-lined threat actor behind the zero-day exploitation of security flaws in Microsoft Exchange servers in January 2021 has shifted its tactics to target the […]
Microsoft Warns of Silk Typhoon Hackers Attacking IT Supply Chain
Microsoft Threat Intelligence has identified a significant shift in tactics by Silk Typhoon, a Chinese state-sponsored espionage group that has begun targeting common IT solutions […]
Ransomware goes postal: US healthcare firms receive fake extortion letters
In late February, healthcare organizations across the US started receiving extortion demands by mail claiming that their organization’s data had been stolen in a ransomware […]
Bogus ‘BianLian’ Gang Sends Snail-Mail Extortion Letters
The letters mimic typical ransom notes and threaten to delete or leak compromised data if payments aren’t made, though none of the organizations that received […]
.webp)
Microsoft To Harden The Trust Boundary of VBS Enclaves
Microsoft has recently published comprehensive guidance for developers working with Virtualization-Based Security (VBS) enclaves, highlighting critical security measures to strengthen the trust boundary between different […]