News

Russian Threat Actors Exploit Microsoft 365 OAuth Workflows in Targeted Phishing Campaigns

APT-News

Russian Threat Actors Exploit Microsoft 365 OAuth Workflows in Targeted Phishing Campaigns

Since early March 2025, Russian state-aligned threat actors have been conducting sophisticated phishing campaigns targeting organizations with...

Google’s Sensitive Content Warnings: Technical Analysis of On-Device Scanning for Unsolicited Nudes

News

Google’s Sensitive Content Warnings: Technical Analysis of On-Device Scanning for Unsolicited Nudes

Google has introduced a new safety feature in its Messages app designed to combat unsolicited nude images...

Microsoft Achieves 92% Phishing-Resistant MFA Adoption in Corporate Environments

Blue-Team

Microsoft Achieves 92% Phishing-Resistant MFA Adoption in Corporate Environments

Microsoft has reached a significant milestone in its cybersecurity strategy, reporting a 92% adoption rate of phishing-resistant...

Apache Web Server SQL Injection Vulnerability (CVE-2025-23176): Technical Analysis and Mitigation

CVE News

Apache Web Server SQL Injection Vulnerability (CVE-2025-23176): Technical Analysis and Mitigation

A newly disclosed SQL injection vulnerability (CVE-2025-23176) in Apache Web Server has been rated with a CVSS...

Marks & Spencer Cyber Incident: Operational Disruptions and Security Response

News

Marks & Spencer Cyber Incident: Operational Disruptions and Security Response

British retail giant Marks & Spencer (M&S) confirmed a cybersecurity breach on 22 April 2025, disrupting store...

Bitcoin’s Three-Month Low: Analyzing Market Volatility and Security Risks

Threat Intelligence

Bitcoin’s Three-Month Low: Analyzing Market Volatility and Security Risks

Bitcoin recently fell to its lowest price in three months, dropping from $95,930 to $85,899.99 amid macroeconomic...

Poland Attributes Election-Targeted Cyberattack to Russian-Linked Actors

APT-News

Poland Attributes Election-Targeted Cyberattack to Russian-Linked Actors

Polish Prime Minister Donald Tusk has publicly attributed a cyberattack targeting his Civic Platform party’s systems to...

The Hidden Infrastructure Behind Cyber Big Game Hunting: TAG-124 and Malicious TDS

Threat Intelligence

The Hidden Infrastructure Behind Cyber Big Game Hunting: TAG-124 and Malicious TDS

Cybercriminals are increasingly using sophisticated Traffic Distribution Systems (TDS) like TAG-124 to deliver ransomware and malware to...

Critical IBM Hardware Management Console Vulnerability Allows Local Command Execution (CVE-2025-1950)

CVE News

Critical IBM Hardware Management Console Vulnerability Allows Local Command Execution (CVE-2025-1950)

A newly disclosed critical vulnerability in IBM’s Hardware Management Console (HMC) for Power Systems could allow local...

Malicious npm and PyPI Packages Impersonate Developer Tools to Steal Credentials

Threat Intelligence

Malicious npm and PyPI Packages Impersonate Developer Tools to Steal Credentials

Recent findings by the Socket Threat Research Team reveal a growing trend of threat actors uploading malicious...

Post-Quantum Cryptography: Preparing for the Quantum Threat

News

Post-Quantum Cryptography: Preparing for the Quantum Threat

The rise of quantum computing has forced the cybersecurity community to confront a new reality: traditional encryption...

CISA Issues Five Critical ICS Advisories Covering Siemens, Schneider Electric, and ABB Systems

CVE News

CISA Issues Five Critical ICS Advisories Covering Siemens, Schneider Electric, and ABB Systems

The Cybersecurity and Infrastructure Security Agency (CISA) published five Industrial Control Systems (ICS) advisories on April 22,...

pySimReader: A Python-Based SIM Card Management Tool for Security Professionals

Red-Team

pySimReader: A Python-Based SIM Card Management Tool for Security Professionals

pySimReader is a Python-based utility designed for managing GSM SIM cards, offering functionalities like phonebook and SMS...

Critical Symantec pcAnywhere Remote Code Execution Vulnerability (CVE-2011-3478)

CVE News

Critical Symantec pcAnywhere Remote Code Execution Vulnerability (CVE-2011-3478)

A critical buffer overflow vulnerability in Symantec pcAnywhere, identified as CVE-2011-3478, allows unauthenticated attackers to execute arbitrary...

AI vs. Traditional Static Analysis: Evaluating Buffer Overflow Detection Capabilities

News

AI vs. Traditional Static Analysis: Evaluating Buffer Overflow Detection Capabilities

Buffer overflow vulnerabilities remain a persistent challenge in software security, with detection methods evolving alongside advancements in...

Display Protocol Vulnerabilities: Exploiting EDID, HDMI Side-Channels, and Digital Signage

Red-Team

Display Protocol Vulnerabilities: Exploiting EDID, HDMI Side-Channels, and Digital Signage

Display interfaces like HDMI, DVI, and DisplayPort contain overlooked attack surfaces that security professionals should understand. Research...

Rapid7’s Remediation Hub: A Shift from CVE-Centric to Risk-Based Vulnerability Management

Blue-Team

Rapid7’s Remediation Hub: A Shift from CVE-Centric to Risk-Based Vulnerability Management

Traditional vulnerability management often focuses on individual CVEs, leading to fragmented remediation efforts. Rapid7’s Remediation Hub introduces...

FBI Warns of Medusa Ransomware Targeting Email and VPN Users: Mitigation and Analysis

Threat Intelligence

FBI Warns of Medusa Ransomware Targeting Email and VPN Users: Mitigation and Analysis

The FBI has issued an urgent warning to Gmail and Outlook users about a surge in Medusa...

Martin Lewis Urges Mobile Users to Secure Devices with IMEI Code

News

Martin Lewis Urges Mobile Users to Secure Devices with IMEI Code

Financial expert Martin Lewis has issued an urgent warning to mobile phone users, advising them to retrieve...

Online Grooming Gangs Exploiting Young Girls: A Technical Analysis of the Threat Landscape

Threat Intelligence

Online Grooming Gangs Exploiting Young Girls: A Technical Analysis of the Threat Landscape

The National Crime Agency (NCA) has issued a stark warning about the rise of online grooming gangs...

Red-Team News

Russian Threat Actors Exploit Microsoft 365 OAuth Workflows in Targeted Phishing Campaigns

Google’s Sensitive Content Warnings: Technical Analysis of On-Device Scanning for Unsolicited Nudes

Microsoft Achieves 92% Phishing-Resistant MFA Adoption in Corporate Environments

Apache Web Server SQL Injection Vulnerability (CVE-2025-23176): Technical Analysis and Mitigation

Marks & Spencer Cyber Incident: Operational Disruptions and Security Response

Bitcoin’s Three-Month Low: Analyzing Market Volatility and Security Risks

Poland Attributes Election-Targeted Cyberattack to Russian-Linked Actors

The Hidden Infrastructure Behind Cyber Big Game Hunting: TAG-124 and Malicious TDS

Critical IBM Hardware Management Console Vulnerability Allows Local Command Execution (CVE-2025-1950)

Malicious npm and PyPI Packages Impersonate Developer Tools to Steal Credentials

Post-Quantum Cryptography: Preparing for the Quantum Threat

CISA Issues Five Critical ICS Advisories Covering Siemens, Schneider Electric, and ABB Systems

pySimReader: A Python-Based SIM Card Management Tool for Security Professionals

Critical Symantec pcAnywhere Remote Code Execution Vulnerability (CVE-2011-3478)

AI vs. Traditional Static Analysis: Evaluating Buffer Overflow Detection Capabilities

Display Protocol Vulnerabilities: Exploiting EDID, HDMI Side-Channels, and Digital Signage

Rapid7’s Remediation Hub: A Shift from CVE-Centric to Risk-Based Vulnerability Management

FBI Warns of Medusa Ransomware Targeting Email and VPN Users: Mitigation and Analysis

Martin Lewis Urges Mobile Users to Secure Devices with IMEI Code

Online Grooming Gangs Exploiting Young Girls: A Technical Analysis of the Threat Landscape

You may have missed

Destructive npm Packages Masquerading as Utilities Target Developer Environments

Building a Malware-Resistant Windows Service: Core Strategies for Threat Prevention

Repackaged AT&T Data Leak Exposes 49M Users with Linked SSNs and Birthdates

Securing Windows Services: Design Principles and Mitigation Strategies