News

Hazy Hawk Gang Exploits DNS Misconfigurations to Hijack Trusted Domains

APT-News

Hazy Hawk Gang Exploits DNS Misconfigurations to Hijack Trusted Domains

A threat actor known as **Hazy Hawk** has been actively exploiting DNS misconfigurations to hijack abandoned cloud...

RVTools Supply Chain Attack Delivers Bumblebee Malware Loader

Malware Analysis

RVTools Supply Chain Attack Delivers Bumblebee Malware Loader

The official website for RVTools, a widely used VMware management utility, was compromised in a supply chain...

Service Desk Security: Mitigating Social Engineering and MFA Bypass Attacks

Blue-Team

Service Desk Security: Mitigating Social Engineering and MFA Bypass Attacks

Service desks have become a prime target for cybercriminals, with high-profile attacks on organizations like MGM Resorts...

Banking Sector Cybersecurity: HSBC CEO Highlights Rising Threats and Mitigation Strategies

Threat Intelligence

Banking Sector Cybersecurity: HSBC CEO Highlights Rising Threats and Mitigation Strategies

Ian Stuart, CEO of HSBC, recently stated that cyber threats keep him awake at night, emphasizing the...

O2 UK VoLTE/WiFi Calling Flaw Exposes User Location via Call Metadata

CVE News

O2 UK VoLTE/WiFi Calling Flaw Exposes User Location via Call Metadata

A recently discovered vulnerability in O2 UK’s implementation of Voice over LTE (VoLTE) and WiFi Calling technologies...

Arla Foods Cyberattack: Ransomware Disrupts Dairy Production and Supply Chains

APT-News

Arla Foods Cyberattack: Ransomware Disrupts Dairy Production and Supply Chains

Arla Foods, one of Europe’s largest dairy producers, confirmed a ransomware attack on its Düsseldorf factory, halting...

23andMe Acquisition by Regeneron: Data Privacy and Security Implications

News

23andMe Acquisition by Regeneron: Data Privacy and Security Implications

The struggling DNA testing firm 23andMe is set to be acquired by Regeneron Pharmaceuticals for $256 million,...

Anatomy of a Council Ransomware Attack: Tactics, Impact, and Defense Strategies

Threat Intelligence

Anatomy of a Council Ransomware Attack: Tactics, Impact, and Defense Strategies

The recent ransomware attack on a UK local council, as investigated by the BBC, represents one of...

OpenAI’s $3 Billion Windsurf Acquisition: Strategic Shift Toward AI-Driven Developer Tools

News

OpenAI’s $3 Billion Windsurf Acquisition: Strategic Shift Toward AI-Driven Developer Tools

OpenAI has entered advanced talks to acquire AI-powered coding assistant Windsurf (formerly Codeium) for $3 billion, according...

Apple’s AI Partnership with Alibaba Sparks U.S. National Security Concerns

APT-News

Apple’s AI Partnership with Alibaba Sparks U.S. National Security Concerns

The Trump administration and congressional officials have raised objections to Apple’s proposed integration of Alibaba’s artificial intelligence...

Meta’s Antitrust Battle: Examining the FTC’s Monopoly Allegations

Cyber Laws & Regulations

Meta’s Antitrust Battle: Examining the FTC’s Monopoly Allegations

The U.S. Federal Trade Commission (FTC) has accused Meta of maintaining an illegal monopoly in social media...

Procolored Printer Drivers Distributed Malware for Six Months: Technical Analysis and Mitigation

Malware Analysis

Procolored Printer Drivers Distributed Malware for Six Months: Technical Analysis and Mitigation

For at least six months, Procolored, a manufacturer of direct-to-film (DTF) printers, distributed malware-infected drivers through its...

Tor Oniux: Kernel-Level Network Anonymization for Linux Applications

Red-Team

Tor Oniux: Kernel-Level Network Anonymization for Linux Applications

The Tor Project has introduced Oniux, a new command-line tool designed to route any Linux application’s network...

Google Chrome’s Security Update: Blocking Admin-Level Launches in Windows

News

Google Chrome’s Security Update: Blocking Admin-Level Launches in Windows

Google has announced a significant security change to its Chromium engine that will prevent Google Chrome from...

Australian Human Rights Commission Data Breach: Technical Analysis and Impact

Data Breach

Australian Human Rights Commission Data Breach: Technical Analysis and Impact

The Australian Human Rights Commission (AHRC) confirmed a data breach in May 2025, where approximately 670 private...

Microsoft Resolves Linux Boot Issues Caused by August 2024 Windows Security Updates

CVE News

Microsoft Resolves Linux Boot Issues Caused by August 2024 Windows Security Updates

Microsoft has addressed a critical issue affecting dual-boot systems where Linux distributions failed to boot after installing...

Advanced Phishing Campaigns Leverage Trusted Domains and Real-Time Validation

Threat Intelligence

Advanced Phishing Campaigns Leverage Trusted Domains and Real-Time Validation

A new wave of sophisticated phishing attacks is exploiting trusted domains, live CAPTCHAs, and server-side email validation...

Twilio Denies Breach Despite Leak of 89 Million Steam 2FA Codes

News

Twilio Denies Breach Despite Leak of 89 Million Steam 2FA Codes

Twilio has denied claims of a security breach after a threat actor allegedly leaked 89 million Steam...

Ivanti EPMM Zero-Days Exploited in Chained Remote Code Execution Attacks

CVE News

Ivanti EPMM Zero-Days Exploited in Chained Remote Code Execution Attacks

Ivanti has issued an urgent patch advisory for two zero-day vulnerabilities (CVE-2025-4427 and CVE-2025-4428) affecting its Endpoint...

Microsoft May 2025 Patch Tuesday: 5 Exploited Zero-Days and 72 Flaws Addressed

CVE News

Microsoft May 2025 Patch Tuesday: 5 Exploited Zero-Days and 72 Flaws Addressed

Microsoft’s May 2025 Patch Tuesday has delivered critical security updates addressing 72 vulnerabilities, including five zero-days actively...

Red-Team News

Hazy Hawk Gang Exploits DNS Misconfigurations to Hijack Trusted Domains

RVTools Supply Chain Attack Delivers Bumblebee Malware Loader

Service Desk Security: Mitigating Social Engineering and MFA Bypass Attacks

Banking Sector Cybersecurity: HSBC CEO Highlights Rising Threats and Mitigation Strategies

O2 UK VoLTE/WiFi Calling Flaw Exposes User Location via Call Metadata

Arla Foods Cyberattack: Ransomware Disrupts Dairy Production and Supply Chains

23andMe Acquisition by Regeneron: Data Privacy and Security Implications

Anatomy of a Council Ransomware Attack: Tactics, Impact, and Defense Strategies

OpenAI’s $3 Billion Windsurf Acquisition: Strategic Shift Toward AI-Driven Developer Tools

Apple’s AI Partnership with Alibaba Sparks U.S. National Security Concerns

Meta’s Antitrust Battle: Examining the FTC’s Monopoly Allegations

Procolored Printer Drivers Distributed Malware for Six Months: Technical Analysis and Mitigation

Tor Oniux: Kernel-Level Network Anonymization for Linux Applications

Google Chrome’s Security Update: Blocking Admin-Level Launches in Windows

Australian Human Rights Commission Data Breach: Technical Analysis and Impact

Microsoft Resolves Linux Boot Issues Caused by August 2024 Windows Security Updates

Twilio Denies Breach Despite Leak of 89 Million Steam 2FA Codes

Ivanti EPMM Zero-Days Exploited in Chained Remote Code Execution Attacks

Microsoft May 2025 Patch Tuesday: 5 Exploited Zero-Days and 72 Flaws Addressed

You may have missed

Public Exploit Details Emerge for Critical Cisco IOS XE Vulnerability (CVE-2025-20188)

Germany Identifies Conti and TrickBot Leader: A Deep Dive into the Cybercrime Operation

The Legal and Technical Implications of Forcing Google to Share Search Data

Microsoft Authenticator Password Autofill Deprecation: Migration and Security Implications