News

Triofox Antivirus Feature Abused for SYSTEM-Level Code Execution

CVE News

Triofox Antivirus Feature Abused for SYSTEM-Level Code Execution

A critical vulnerability in Gladinet’s Triofox file-sharing platform has been actively exploited by threat actors to bypass...

UK’s Largest-Ever Crypto Seizure: “Bitcoin Queen” Sentenced to 11 Years for £5.5 Billion Fraud

News

UK’s Largest-Ever Crypto Seizure: “Bitcoin Queen” Sentenced to 11 Years for £5.5 Billion Fraud

A Chinese national known as the “Bitcoin Queen” has been sentenced to 11 years and eight months...

SAP November 2025 Patch Day: Critical Hardcoded Credentials and Code Injection Flaws Addressed

CVE News

SAP November 2025 Patch Day: Critical Hardcoded Credentials and Code Injection Flaws Addressed

SAP has released its November 2025 security updates, a critical patch batch addressing 18 new security notes...

Anatomy of a Thwarted RansomHub Attack: From CPU Spike to Domain Admin

Blue-Team

Anatomy of a Thwarted RansomHub Attack: From CPU Spike to Domain Admin

A sudden, unexplained CPU spike on a corporate server, often dismissed as a minor performance issue, was...

Modern Patch Management: Closing the Remediation Gap to Prevent Breaches

Blue-Team

Modern Patch Management: Closing the Remediation Gap to Prevent Breaches

Many organizations continue to struggle with the fundamental security task of patching software vulnerabilities quickly enough to...

Firefox 145 Enhances Anti-Fingerprinting Protections, Impacting Threat Actor Reconnaissance

Blue-Team

Firefox 145 Enhances Anti-Fingerprinting Protections, Impacting Threat Actor Reconnaissance

Mozilla has released Firefox 145, introducing a significant upgrade to its anti-fingerprinting technology that substantially reduces the...

Quantum Route Redirect: A New PhaaS Platform Targeting Microsoft 365 Credentials

Threat Intelligence

Quantum Route Redirect: A New PhaaS Platform Targeting Microsoft 365 Credentials

A new phishing automation platform named Quantum Route Redirect is actively targeting Microsoft 365 users worldwide, leveraging...

The LinkedIn Phishing Epidemic: Technical Analysis of Multi-Channel Attacks Targeting Executives

Blue-Team

The LinkedIn Phishing Epidemic: Technical Analysis of Multi-Channel Attacks Targeting Executives

Security teams are facing a significant shift in the phishing landscape as attackers increasingly pivot from email...

AI Infrastructure Expansion Fueled by Debt Raises Systemic Financial Risks

News

AI Infrastructure Expansion Fueled by Debt Raises Systemic Financial Risks

The artificial intelligence boom is entering a new, capital-intensive phase characterized by a massive surge in debt...

A Hacking Kingpin’s Confession: The Architecture of Cybercrime and the Institutional Response

Threat Intelligence

A Hacking Kingpin’s Confession: The Architecture of Cybercrime and the Institutional Response

In an exclusive interview with the BBC, a prominent cybercriminal known as “Tank” has provided a rare...

NAKIVO v11.1 Enhances Disaster Recovery with Real-Time Replication and MSP Security

Blue-Team

NAKIVO v11.1 Enhances Disaster Recovery with Real-Time Replication and MSP Security

NAKIVO Inc. has launched Backup & Replication v11.1, a substantial update that significantly expands the platform’s disaster...

FileFix Attack Evolves with Cache Smuggling to Evade Detection

Threat Intelligence

FileFix Attack Evolves with Cache Smuggling to Evade Detection

A new variant of the FileFix social engineering attack is leveraging cache smuggling to secretly download malicious...

Microsoft 365 Outage Analysis: A Pattern of Service Instability in 2025

Blue-Team

Microsoft 365 Outage Analysis: A Pattern of Service Instability in 2025

A significant Microsoft 365 outage is actively preventing users from accessing critical services, including Microsoft Teams and...

Microsoft Exchange Online Implements Default Auto-Archiving to Manage Mailbox Growth

News

Microsoft Exchange Online Implements Default Auto-Archiving to Manage Mailbox Growth

Microsoft has initiated a significant change in Exchange Online by enabling threshold-based auto-archiving by default for all...

Critical Authentication Bypass in Service Finder WordPress Theme Actively Exploited

CVE News

Critical Authentication Bypass in Service Finder WordPress Theme Actively Exploited

A critical security vulnerability in the Service Finder WordPress theme and its accompanying Bookings plugin is being...

London Nursery Ransomware Attack: Arrests Made Following Child Data Doxing

Data Breach

London Nursery Ransomware Attack: Arrests Made Following Child Data Doxing

The UK Metropolitan Police has made two arrests in connection with a ransomware attack against the Kido...

Docker’s Hardened Images: A Security-First Approach to Container Supply Chain

Blue-Team

Docker’s Hardened Images: A Security-First Approach to Container Supply Chain

Docker has fundamentally changed its approach to container security by making its Hardened Images catalog available through...

The AI Hiring Arms Race: Technical Analysis of Applicant and Recruiter Countermeasures

News

The AI Hiring Arms Race: Technical Analysis of Applicant and Recruiter Countermeasures

The modern job application process has evolved into a sophisticated technological battleground, where artificial intelligence systems screen...

AI-Powered Breach and Attack Simulation Transforms Security Validation

Blue-Team

AI-Powered Breach and Attack Simulation Transforms Security Validation

Security teams are currently inundated with threat intelligence, creating a significant gap between the discovery of new...

Google’s AI Bug Bounty Program: A Technical Analysis for Security Professionals

Bug Bounties & Responsible Disclosure

Google’s AI Bug Bounty Program: A Technical Analysis for Security Professionals

Google has formally launched a dedicated AI Vulnerability Reward Program (AI VRP), creating a structured channel for...

Red-Team News

Triofox Antivirus Feature Abused for SYSTEM-Level Code Execution

UK’s Largest-Ever Crypto Seizure: “Bitcoin Queen” Sentenced to 11 Years for £5.5 Billion Fraud

SAP November 2025 Patch Day: Critical Hardcoded Credentials and Code Injection Flaws Addressed

Anatomy of a Thwarted RansomHub Attack: From CPU Spike to Domain Admin

Firefox 145 Enhances Anti-Fingerprinting Protections, Impacting Threat Actor Reconnaissance

AI Infrastructure Expansion Fueled by Debt Raises Systemic Financial Risks

A Hacking Kingpin’s Confession: The Architecture of Cybercrime and the Institutional Response

FileFix Attack Evolves with Cache Smuggling to Evade Detection

Critical Authentication Bypass in Service Finder WordPress Theme Actively Exploited

London Nursery Ransomware Attack: Arrests Made Following Child Data Doxing

The AI Hiring Arms Race: Technical Analysis of Applicant and Recruiter Countermeasures

AI-Powered Breach and Attack Simulation Transforms Security Validation

Google’s AI Bug Bounty Program: A Technical Analysis for Security Professionals

You may have missed

Asahi Group Ransomware Attack: Qilin Gang Compromises Data of 1.9 Million

Australian Man Sentenced for “Evil Twin” WiFi Attacks Targeting Airports and Flights

GitLab Public Repository Scan Uncovers Widespread Exposure of Live Secrets

GreyNoise IP Check: A Free Tool for Botnet Detection and IP Reputation Monitoring