cybersecurity

U.S. Strategic Bitcoin Reserve: Policy, Risks, and Security Implications

Threat Intelligence

U.S. Strategic Bitcoin Reserve: Policy, Risks, and Security Implications

The U.S. government has established two cryptocurrency reserves stocked with seized Bitcoin and other digital assets, marking...

PumaBot: A New Go-Based Botnet Targeting IoT Devices via SSH Brute-Forcing

Red-Team

PumaBot: A New Go-Based Botnet Targeting IoT Devices via SSH Brute-Forcing

A newly discovered botnet named **PumaBot** is actively targeting Linux-based IoT devices by brute-forcing SSH credentials to...

ASUS Router Botnet “AyySSHush” Deploys Persistent SSH Backdoors: Technical Analysis

Threat Intelligence

ASUS Router Botnet “AyySSHush” Deploys Persistent SSH Backdoors: Technical Analysis

Over 9,000 ASUS routers have been compromised by the “AyySSHush” botnet, which installs persistent SSH backdoors to...

DragonForce Ransomware Exploits SimpleHelp RMM in MSP Supply Chain Attacks

APT-News

DragonForce Ransomware Exploits SimpleHelp RMM in MSP Supply Chain Attacks

The DragonForce ransomware group has compromised over 120 managed service providers (MSPs) by exploiting vulnerabilities in SimpleHelp’s...

Texas Mandates Age Verification for App Store Downloads: Implications for Tech and Security

Cyber Laws & Regulations

Texas Mandates Age Verification for App Store Downloads: Implications for Tech and Security

Texas has enacted a new law requiring Apple and Google to implement age verification for app downloads,...

Prioritizing Exploitable Vulnerabilities: Cutting Through the Noise of CVSS Scores

Blue-Team

Prioritizing Exploitable Vulnerabilities: Cutting Through the Noise of CVSS Scores

Security teams are inundated with vulnerability alerts daily, but not every “critical” CVE warrants an emergency response....

Russian Void Blizzard APT Linked to Dutch Police Breach via Exchange Server Exploit

APT-News

Russian Void Blizzard APT Linked to Dutch Police Breach via Exchange Server Exploit

A newly identified Russian cyberespionage group, tracked as Void Blizzard, has been connected to a September 2024...

Emergency Update Resolves Hyper-V VM Freezes on Windows Server 2022

News

Emergency Update Resolves Hyper-V VM Freezes on Windows Server 2022

Microsoft has released an out-of-band (OOB) update to address a critical issue causing Hyper-V virtual machines (VMs)...

Adidas Data Breach: Third-Party Provider Hack Exposes Customer Contact Data

Data Breach

Adidas Data Breach: Third-Party Provider Hack Exposes Customer Contact Data

German sportswear giant Adidas has confirmed a data breach resulting from a cyberattack on a third-party customer...

Glitch Shutdown: Implications for App Hosting and Security

News

Glitch Shutdown: Implications for App Hosting and Security

Glitch, the popular platform for hosting web applications and collaborative coding, will discontinue its app hosting and...

Malicious NPM Packages Exfiltrate Host and Network Data via Discord Webhooks

Threat Intelligence

Malicious NPM Packages Exfiltrate Host and Network Data via Discord Webhooks

Security researchers have identified 60 malicious packages in the NPM registry that collect sensitive host and network...

The Challenges of U.S. iPhone Manufacturing: Supply Chain Realities

News

The Challenges of U.S. iPhone Manufacturing: Supply Chain Realities

Apple’s continued resistance to manufacturing iPhones in the United States reflects deep structural challenges in global supply...

Military Veterans in Cybersecurity: Skills, Opportunities, and Career Pathways

News

Military Veterans in Cybersecurity: Skills, Opportunities, and Career Pathways

The transition from military service to cybersecurity careers has become increasingly common, with veterans bringing unique skills...

Fake Ledger Apps Target macOS Users in Seed Phrase Theft Campaign

Threat Intelligence

Fake Ledger Apps Target macOS Users in Seed Phrase Theft Campaign

Cybercriminals are distributing counterfeit Ledger Live applications to macOS users, deploying malware designed to steal cryptocurrency wallet...

FTC Mandates GoDaddy Security Overhaul Following Systemic Data Breaches

Cyber Laws & Regulations

FTC Mandates GoDaddy Security Overhaul Following Systemic Data Breaches

The Federal Trade Commission (FTC) has finalized a settlement requiring GoDaddy to implement sweeping security reforms after...

Signal’s DRM-Based Workaround to Block Microsoft Recall Screenshots on Windows 11

Red-Team

Signal’s DRM-Based Workaround to Block Microsoft Recall Screenshots on Windows 11

Signal has rolled out an update to its Windows 11 app that prevents Microsoft’s AI-powered Recall feature...

Critical Unpatched Vulnerabilities in Versa Concerto Expose Systems to Auth Bypass and RCE

CVE News

Critical Unpatched Vulnerabilities in Versa Concerto Expose Systems to Auth Bypass and RCE

Multiple critical vulnerabilities in Versa Networks’ Concerto platform remain unpatched, exposing enterprise networks to authentication bypass and...

Critical SAMLify SSO Vulnerability Enables Admin Impersonation via Signature Wrapping

CVE News

Critical SAMLify SSO Vulnerability Enables Admin Impersonation via Signature Wrapping

A critical authentication bypass vulnerability (CVE-2025-47949) in the Node.js SAML library samlify allows attackers to forge admin-level...

Malicious Chrome Extensions Impersonating VPNs and AI Tools Steal User Data

Threat Intelligence

Malicious Chrome Extensions Impersonating VPNs and AI Tools Steal User Data

A recent campaign involving over 100 malicious Google Chrome extensions has been discovered impersonating legitimate tools such...

ThreatLocker’s Zero Trust Patch Management: Closing Vulnerability Windows at Scale

Blue-Team

ThreatLocker’s Zero Trust Patch Management: Closing Vulnerability Windows at Scale

Patching remains one of the most fundamental yet challenging aspects of enterprise security. While most organizations recognize...

Posts pagination

Previous 1 … 3 4 5 6 7 8 9 … 39 Next

cybersecurity

U.S. Strategic Bitcoin Reserve: Policy, Risks, and Security Implications

PumaBot: A New Go-Based Botnet Targeting IoT Devices via SSH Brute-Forcing

ASUS Router Botnet “AyySSHush” Deploys Persistent SSH Backdoors: Technical Analysis

DragonForce Ransomware Exploits SimpleHelp RMM in MSP Supply Chain Attacks

Texas Mandates Age Verification for App Store Downloads: Implications for Tech and Security

Prioritizing Exploitable Vulnerabilities: Cutting Through the Noise of CVSS Scores

Russian Void Blizzard APT Linked to Dutch Police Breach via Exchange Server Exploit

Adidas Data Breach: Third-Party Provider Hack Exposes Customer Contact Data

Malicious NPM Packages Exfiltrate Host and Network Data via Discord Webhooks

The Challenges of U.S. iPhone Manufacturing: Supply Chain Realities

Military Veterans in Cybersecurity: Skills, Opportunities, and Career Pathways

Fake Ledger Apps Target macOS Users in Seed Phrase Theft Campaign

FTC Mandates GoDaddy Security Overhaul Following Systemic Data Breaches

Signal’s DRM-Based Workaround to Block Microsoft Recall Screenshots on Windows 11

Critical Unpatched Vulnerabilities in Versa Concerto Expose Systems to Auth Bypass and RCE

Critical SAMLify SSO Vulnerability Enables Admin Impersonation via Signature Wrapping

Malicious Chrome Extensions Impersonating VPNs and AI Tools Steal User Data

ThreatLocker’s Zero Trust Patch Management: Closing Vulnerability Windows at Scale

You may have missed

Russia’s Throttling of Cloudflare: Technical Impact and Security Implications

Livestreamed Child Exploitation: Technical and Legal Implications of a Disturbing Case

UNFI Cyberattack: Supply Chain Disruption and Recovery Analysis

Hawaiian Airlines Cyberattack: IT Systems Compromised, Flight Operations Unaffected