cybersecurity

Malicious NPM Packages Exfiltrate Host and Network Data via Discord Webhooks

Threat Intelligence

Malicious NPM Packages Exfiltrate Host and Network Data via Discord Webhooks

Security researchers have identified 60 malicious packages in the NPM registry that collect sensitive host and network...

The Challenges of U.S. iPhone Manufacturing: Supply Chain Realities

News

The Challenges of U.S. iPhone Manufacturing: Supply Chain Realities

Apple’s continued resistance to manufacturing iPhones in the United States reflects deep structural challenges in global supply...

Military Veterans in Cybersecurity: Skills, Opportunities, and Career Pathways

News

Military Veterans in Cybersecurity: Skills, Opportunities, and Career Pathways

The transition from military service to cybersecurity careers has become increasingly common, with veterans bringing unique skills...

Fake Ledger Apps Target macOS Users in Seed Phrase Theft Campaign

Threat Intelligence

Fake Ledger Apps Target macOS Users in Seed Phrase Theft Campaign

Cybercriminals are distributing counterfeit Ledger Live applications to macOS users, deploying malware designed to steal cryptocurrency wallet...

FTC Mandates GoDaddy Security Overhaul Following Systemic Data Breaches

Cyber Laws & Regulations

FTC Mandates GoDaddy Security Overhaul Following Systemic Data Breaches

The Federal Trade Commission (FTC) has finalized a settlement requiring GoDaddy to implement sweeping security reforms after...

Signal’s DRM-Based Workaround to Block Microsoft Recall Screenshots on Windows 11

Red-Team

Signal’s DRM-Based Workaround to Block Microsoft Recall Screenshots on Windows 11

Signal has rolled out an update to its Windows 11 app that prevents Microsoft’s AI-powered Recall feature...

Critical Unpatched Vulnerabilities in Versa Concerto Expose Systems to Auth Bypass and RCE

CVE News

Critical Unpatched Vulnerabilities in Versa Concerto Expose Systems to Auth Bypass and RCE

Multiple critical vulnerabilities in Versa Networks’ Concerto platform remain unpatched, exposing enterprise networks to authentication bypass and...

Critical SAMLify SSO Vulnerability Enables Admin Impersonation via Signature Wrapping

CVE News

Critical SAMLify SSO Vulnerability Enables Admin Impersonation via Signature Wrapping

A critical authentication bypass vulnerability (CVE-2025-47949) in the Node.js SAML library samlify allows attackers to forge admin-level...

Malicious Chrome Extensions Impersonating VPNs and AI Tools Steal User Data

Threat Intelligence

Malicious Chrome Extensions Impersonating VPNs and AI Tools Steal User Data

A recent campaign involving over 100 malicious Google Chrome extensions has been discovered impersonating legitimate tools such...

ThreatLocker’s Zero Trust Patch Management: Closing Vulnerability Windows at Scale

Blue-Team

ThreatLocker’s Zero Trust Patch Management: Closing Vulnerability Windows at Scale

Patching remains one of the most fundamental yet challenging aspects of enterprise security. While most organizations recognize...

SK Telecom’s 3-Year Malware Breach: Technical Analysis of a 27M Subscriber Compromise

Data Breach

SK Telecom’s 3-Year Malware Breach: Technical Analysis of a 27M Subscriber Compromise

SK Telecom, South Korea’s largest telecommunications provider, disclosed in April 2025 that a malware breach had persisted...

Hazy Hawk Gang Exploits DNS Misconfigurations to Hijack Trusted Domains

APT-News

Hazy Hawk Gang Exploits DNS Misconfigurations to Hijack Trusted Domains

A threat actor known as **Hazy Hawk** has been actively exploiting DNS misconfigurations to hijack abandoned cloud...

RVTools Supply Chain Attack Delivers Bumblebee Malware Loader

Malware Analysis

RVTools Supply Chain Attack Delivers Bumblebee Malware Loader

The official website for RVTools, a widely used VMware management utility, was compromised in a supply chain...

Service Desk Security: Mitigating Social Engineering and MFA Bypass Attacks

Blue-Team

Service Desk Security: Mitigating Social Engineering and MFA Bypass Attacks

Service desks have become a prime target for cybercriminals, with high-profile attacks on organizations like MGM Resorts...

Banking Sector Cybersecurity: HSBC CEO Highlights Rising Threats and Mitigation Strategies

Threat Intelligence

Banking Sector Cybersecurity: HSBC CEO Highlights Rising Threats and Mitigation Strategies

Ian Stuart, CEO of HSBC, recently stated that cyber threats keep him awake at night, emphasizing the...

O2 UK VoLTE/WiFi Calling Flaw Exposes User Location via Call Metadata

CVE News

O2 UK VoLTE/WiFi Calling Flaw Exposes User Location via Call Metadata

A recently discovered vulnerability in O2 UK’s implementation of Voice over LTE (VoLTE) and WiFi Calling technologies...

Arla Foods Cyberattack: Ransomware Disrupts Dairy Production and Supply Chains

APT-News

Arla Foods Cyberattack: Ransomware Disrupts Dairy Production and Supply Chains

Arla Foods, one of Europe’s largest dairy producers, confirmed a ransomware attack on its Düsseldorf factory, halting...

Anatomy of a Council Ransomware Attack: Tactics, Impact, and Defense Strategies

Threat Intelligence

Anatomy of a Council Ransomware Attack: Tactics, Impact, and Defense Strategies

The recent ransomware attack on a UK local council, as investigated by the BBC, represents one of...

Procolored Printer Drivers Distributed Malware for Six Months: Technical Analysis and Mitigation

Malware Analysis

Procolored Printer Drivers Distributed Malware for Six Months: Technical Analysis and Mitigation

For at least six months, Procolored, a manufacturer of direct-to-film (DTF) printers, distributed malware-infected drivers through its...

Tor Oniux: Kernel-Level Network Anonymization for Linux Applications

Red-Team

Tor Oniux: Kernel-Level Network Anonymization for Linux Applications

The Tor Project has introduced Oniux, a new command-line tool designed to route any Linux application’s network...

Posts pagination

Previous 1 … 7 8 9 10 11 12 13 … 42 Next

cybersecurity

Malicious NPM Packages Exfiltrate Host and Network Data via Discord Webhooks

The Challenges of U.S. iPhone Manufacturing: Supply Chain Realities

Military Veterans in Cybersecurity: Skills, Opportunities, and Career Pathways

Fake Ledger Apps Target macOS Users in Seed Phrase Theft Campaign

FTC Mandates GoDaddy Security Overhaul Following Systemic Data Breaches

Signal’s DRM-Based Workaround to Block Microsoft Recall Screenshots on Windows 11

Critical Unpatched Vulnerabilities in Versa Concerto Expose Systems to Auth Bypass and RCE

Critical SAMLify SSO Vulnerability Enables Admin Impersonation via Signature Wrapping

Malicious Chrome Extensions Impersonating VPNs and AI Tools Steal User Data

ThreatLocker’s Zero Trust Patch Management: Closing Vulnerability Windows at Scale

SK Telecom’s 3-Year Malware Breach: Technical Analysis of a 27M Subscriber Compromise

Hazy Hawk Gang Exploits DNS Misconfigurations to Hijack Trusted Domains

RVTools Supply Chain Attack Delivers Bumblebee Malware Loader

Service Desk Security: Mitigating Social Engineering and MFA Bypass Attacks

Banking Sector Cybersecurity: HSBC CEO Highlights Rising Threats and Mitigation Strategies

O2 UK VoLTE/WiFi Calling Flaw Exposes User Location via Call Metadata

Arla Foods Cyberattack: Ransomware Disrupts Dairy Production and Supply Chains

Anatomy of a Council Ransomware Attack: Tactics, Impact, and Defense Strategies

Procolored Printer Drivers Distributed Malware for Six Months: Technical Analysis and Mitigation

Tor Oniux: Kernel-Level Network Anonymization for Linux Applications

You may have missed

U.S. Sanctions Grinex Crypto-Exchange as Garantex Successor in Crackdown on Ransomware Money Laundering

Meta’s Erroneous Instagram Account Bans: Technical Implications for Security Teams

Supreme Court’s Decision on Mississippi Social Media Age Verification Law: Technical and Legal Implications

Microsoft Resolves Critical Windows Server Cluster and VM Stability Issues