Red Team

North Korean IT Worker Scheme: A Technical Analysis of Infiltration and Fraud

APT-News

North Korean IT Worker Scheme: A Technical Analysis of Infiltration and Fraud

In a significant enforcement action, the U.S. Department of Justice announced that five individuals have pleaded guilty...

Compromised Android Photo Frames: A Supply Chain Attack Vector for Botnets and Spyware

Threat Intelligence

Compromised Android Photo Frames: A Supply Chain Attack Vector for Botnets and Spyware

A significant security threat has been identified within the consumer Internet of Things (IoT) market, specifically targeting...

Windows 11 Expands Passkey Ecosystem with Third-Party Manager Integration

Blue-Team

Windows 11 Expands Passkey Ecosystem with Third-Party Manager Integration

Microsoft has fundamentally altered the authentication landscape on Windows 11 by enabling native, system-level support for third-party...

DanaBot Malware Resurfaces with New Infrastructure After Law Enforcement Takedown

Malware Analysis

DanaBot Malware Resurfaces with New Infrastructure After Law Enforcement Takedown

The DanaBot malware operation has resumed its malicious activities, deploying a new version in active campaigns just...

Anatomy of a Thwarted RansomHub Attack: From CPU Spike to Domain Admin

Blue-Team

Anatomy of a Thwarted RansomHub Attack: From CPU Spike to Domain Admin

A sudden, unexplained CPU spike on a corporate server, often dismissed as a minor performance issue, was...

Firefox 145 Enhances Anti-Fingerprinting Protections, Impacting Threat Actor Reconnaissance

Blue-Team

Firefox 145 Enhances Anti-Fingerprinting Protections, Impacting Threat Actor Reconnaissance

Mozilla has released Firefox 145, introducing a significant upgrade to its anti-fingerprinting technology that substantially reduces the...

FileFix Attack Evolves with Cache Smuggling to Evade Detection

Threat Intelligence

FileFix Attack Evolves with Cache Smuggling to Evade Detection

A new variant of the FileFix social engineering attack is leveraging cache smuggling to secretly download malicious...

The AI Hiring Arms Race: Technical Analysis of Applicant and Recruiter Countermeasures

News

The AI Hiring Arms Race: Technical Analysis of Applicant and Recruiter Countermeasures

The modern job application process has evolved into a sophisticated technological battleground, where artificial intelligence systems screen...

Google’s AI Bug Bounty Program: A Technical Analysis for Security Professionals

Bug Bounties & Responsible Disclosure

Google’s AI Bug Bounty Program: A Technical Analysis for Security Professionals

Google has formally launched a dedicated AI Vulnerability Reward Program (AI VRP), creating a structured channel for...

Signal’s Post-Quantum Triple Ratchet: A Technical Deep Dive on SPQR

News

Signal’s Post-Quantum Triple Ratchet: A Technical Deep Dive on SPQR

Signal has completed a significant cryptographic upgrade to its protocol with the introduction of the Sparse Post-Quantum...

Apple Removes ICE Tracking Apps Following DOJ Pressure: A Security Analysis

Threat Intelligence

Apple Removes ICE Tracking Apps Following DOJ Pressure: A Security Analysis

On October 3, 2025, Apple removed the ICEBlock application and similar software from its App Store, a...

Microsoft Outlook Blocks Inline SVG Images to Counter Phishing Attacks

Blue-Team

Microsoft Outlook Blocks Inline SVG Images to Counter Phishing Attacks

Microsoft has initiated a significant security update for its Outlook email clients, specifically targeting the use of...

MatrixPDF Toolkit Transforms PDFs into Advanced Phishing and Malware Lures

Threat Intelligence

MatrixPDF Toolkit Transforms PDFs into Advanced Phishing and Malware Lures

A new phishing and malware distribution toolkit called MatrixPDF enables attackers to convert ordinary PDF files into...

OpenAI’s Dynamic Safety Routing: A Technical Analysis of GPT-4o’s New Guardrails

Red-Team

OpenAI’s Dynamic Safety Routing: A Technical Analysis of GPT-4o’s New Guardrails

Recent user observations of GPT-4o conversations being unexpectedly rerouted to an unknown model have been confirmed as...

Passkeys: A Technical Analysis of Security, Implementation, and Operational Impact

Blue-Team

Passkeys: A Technical Analysis of Security, Implementation, and Operational Impact

With 88% of data breaches involving stolen credentials, the inherent weaknesses of password-based authentication are a primary...

Global Law Enforcement Seizes $439 Million in Cybercrime Crackdown

Threat Intelligence

Global Law Enforcement Seizes $439 Million in Cybercrime Crackdown

In a significant blow to transnational cybercrime, a five-month international operation led by Interpol has resulted in...

EDR-Freeze: Abusing Windows Error Reporting to Suspend Security Software

Red-Team

EDR-Freeze: Abusing Windows Error Reporting to Suspend Security Software

A new proof-of-concept tool named EDR-Freeze demonstrates a significant evolution in attacker evasion techniques. Developed by security...

Microsoft and Cloudflare Disrupt RaccoonO365 Phishing-as-a-Service Operation

Threat Intelligence

Microsoft and Cloudflare Disrupt RaccoonO365 Phishing-as-a-Service Operation

A coordinated legal and technical operation by Microsoft and Cloudflare has successfully disrupted RaccoonO365, one of the...

Securing the Browser: The New Enterprise Perimeter and Attack Surface

Blue-Team

Securing the Browser: The New Enterprise Perimeter and Attack Surface

The modern web browser has become the primary interface for enterprise work, hosting sensitive data, credentials, and...

U.S. Sanctions Target Infrastructure and Operators Behind Southeast Asian Cyber Scam Networks

Threat Intelligence

U.S. Sanctions Target Infrastructure and Operators Behind Southeast Asian Cyber Scam Networks

The U.S. Department of the Treasury has initiated a significant, multi-phase sanctions campaign against the individuals and...

Posts pagination

1 2 3 4 … 15 Next

Red Team

Compromised Android Photo Frames: A Supply Chain Attack Vector for Botnets and Spyware

Windows 11 Expands Passkey Ecosystem with Third-Party Manager Integration

DanaBot Malware Resurfaces with New Infrastructure After Law Enforcement Takedown

Anatomy of a Thwarted RansomHub Attack: From CPU Spike to Domain Admin

Firefox 145 Enhances Anti-Fingerprinting Protections, Impacting Threat Actor Reconnaissance

FileFix Attack Evolves with Cache Smuggling to Evade Detection

The AI Hiring Arms Race: Technical Analysis of Applicant and Recruiter Countermeasures

Google’s AI Bug Bounty Program: A Technical Analysis for Security Professionals

Signal’s Post-Quantum Triple Ratchet: A Technical Deep Dive on SPQR

Apple Removes ICE Tracking Apps Following DOJ Pressure: A Security Analysis

Microsoft Outlook Blocks Inline SVG Images to Counter Phishing Attacks

MatrixPDF Toolkit Transforms PDFs into Advanced Phishing and Malware Lures

OpenAI’s Dynamic Safety Routing: A Technical Analysis of GPT-4o’s New Guardrails

Passkeys: A Technical Analysis of Security, Implementation, and Operational Impact

Global Law Enforcement Seizes $439 Million in Cybercrime Crackdown

EDR-Freeze: Abusing Windows Error Reporting to Suspend Security Software

Microsoft and Cloudflare Disrupt RaccoonO365 Phishing-as-a-Service Operation

Securing the Browser: The New Enterprise Perimeter and Attack Surface

U.S. Sanctions Target Infrastructure and Operators Behind Southeast Asian Cyber Scam Networks

You may have missed

ClickFix Malware Campaigns Resurrect Decades-Old Finger Protocol for Command Retrieval

North Korean IT Worker Scheme: A Technical Analysis of Infiltration and Fraud

Digital Passport Integration in Mobile Wallets: A Security Analysis

U.S. Launches Scam Center Strike Force to Combat $10 Billion Crypto Fraud Networks