A newly uncovered phishing-as-a-service (PhaaS) platform, named “Morphing Meerkat,” has been leveraging DNS mail exchange (MX) records...
Red Team
A newly identified phishing-as-a-service (PhaaS) operation, dubbed Morphing Meerkat by researchers, has adopted DNS-over-HTTPS (DoH) to bypass...
Russian state-aligned hackers have launched a sophisticated phishing campaign impersonating the U.S. Central Intelligence Agency (CIA) to...
Recent research highlights a significant shift in red team operations as artificial intelligence becomes more sophisticated. A...
In a significant blow to the Blacklock ransomware group, cybersecurity firm Resecurity exploited a vulnerability in the...
A widespread cyber campaign has compromised approximately 150,000 legitimate websites by injecting malicious JavaScript code that redirects...
An advanced persistent threat (APT) group linked to Pakistan has been observed impersonating India’s postal service to...
Mozilla has released emergency updates to patch a critical sandbox escape vulnerability (CVE-2025-2857) in Firefox for Windows,...
Cybersecurity researchers have uncovered a campaign involving hijacked npm packages, some over nine years old, that were...
A critical remote code execution (RCE) vulnerability, tracked as CVE-2025-26873, has been disclosed in the Shinetheme Traveler...
Chinese tech giant Tencent has acquired a 25% stake in a newly formed Ubisoft subsidiary for $1.25...
Security teams worldwide must stay updated on the latest detection rules and emerging threats to defend against...
A federal judge has issued a directive to the Trump administration to preserve Signal messages exchanged among...
Security researchers have uncovered a sophisticated malware campaign distributing the LummaC2 information stealer disguised as a cracked...
Active Directory’s Discretionary Access Control Lists (DACLs) serve as fundamental security mechanisms governing object permissions within directory...
Active Directory Discretionary Access Control Lists (DACLs) serve as a fundamental security mechanism governing access to directory...
Active Directory penetration testing remains a cornerstone of enterprise security assessments, with tools like Netexec providing robust...
Misconfigured WriteOwner permissions in Active Directory can enable attackers to take ownership of critical objects, bypass security...
The Diamond Ticket attack represents an advanced exploitation technique targeting Active Directory environments by manipulating Kerberos authentication...
Active Directory (AD) credential dumping remains a significant threat, with attackers increasingly exploiting overlooked attributes like user...
