Red Team

Apple’s iOS 26 and Security Implications of the Liquid Glass Redesign

News

Apple’s iOS 26 and Security Implications of the Liquid Glass Redesign

Apple’s Worldwide Developers Conference (WWDC) 2025 marks a pivotal moment in the company’s software evolution with the...

Destructive npm Packages Masquerading as Utilities Target Developer Environments

Red-Team

Destructive npm Packages Masquerading as Utilities Target Developer Environments

Two malicious npm packages, disguised as legitimate utilities, have been identified executing destructive actions against developer environments....

Securing Windows Services: Design Principles and Mitigation Strategies

Blue-Team

Securing Windows Services: Design Principles and Mitigation Strategies

Windows Services are a common target for attackers due to their persistence and privileged execution context. Designing...

ViLE Gang Members Sentenced for Federal Law Enforcement Portal Breach and Extortion Scheme

APT-News

ViLE Gang Members Sentenced for Federal Law Enforcement Portal Breach and Extortion Scheme

Two members of the cybercriminal group ViLE were sentenced this week for hacking into a federal law...

US Offers $10M Reward for Intel on RedLine Malware-Linked State Hackers

APT-News

US Offers $10M Reward for Intel on RedLine Malware-Linked State Hackers

The U.S. Department of State has escalated its efforts to combat state-sponsored cyber threats by offering a...

Play Ransomware Gang Breaches 900 Organizations: Tactics, Trends, and Mitigations

Threat Intelligence

Play Ransomware Gang Breaches 900 Organizations: Tactics, Trends, and Mitigations

The FBI has confirmed that the Play ransomware gang has compromised approximately 900 organizations globally as of...

Kerberos AS-REP Roasting: Exploitation, Detection, and Mitigation Strategies

Red-Team

Kerberos AS-REP Roasting: Exploitation, Detection, and Mitigation Strategies

Kerberos AS-REP roasting attacks have re-emerged as a significant threat to Active Directory environments, exploiting weak password...

Malicious RubyGems Impersonate Fastlane to Hijack Telegram API Data

Red-Team

Malicious RubyGems Impersonate Fastlane to Hijack Telegram API Data

Two malicious RubyGems packages have been discovered masquerading as popular Fastlane CI/CD plugins, designed to intercept and...

Scattered Spider: Beyond the Headlines – Tactics, Targets, and Mitigations

APT-News

Scattered Spider: Beyond the Headlines – Tactics, Targets, and Mitigations

Scattered Spider, a name that has dominated cybersecurity headlines since 2023, represents more than a traditional threat...

Germany Identifies Conti and TrickBot Leader: A Deep Dive into the Cybercrime Operation

APT-News

Germany Identifies Conti and TrickBot Leader: A Deep Dive into the Cybercrime Operation

The Federal Criminal Police Office of Germany (BKA) has publicly identified Vitaly Nikolaevich Kovalev, a 36-year-old Russian...

Google Apps Script Exploited in Sophisticated Phishing Campaigns

Threat Intelligence

Google Apps Script Exploited in Sophisticated Phishing Campaigns

Threat actors are increasingly abusing Google Apps Script to host phishing pages, leveraging the platform’s trusted reputation...

Apple Safari Fullscreen BitM Attack: Exploitation and Mitigation

CVE News

Apple Safari Fullscreen BitM Attack: Exploitation and Mitigation

A newly identified weakness in Apple’s Safari browser enables attackers to execute fullscreen browser-in-the-middle (BitM) attacks, potentially...

Attack Surface Mapping: How Adversaries Outpace Defenders and How to Respond

Blue-Team

Attack Surface Mapping: How Adversaries Outpace Defenders and How to Respond

Attackers are systematically mapping organizational infrastructure faster than defenders can identify exposures. According to Censys, 80% of...

U.S. Strategic Bitcoin Reserve: Policy, Risks, and Security Implications

Threat Intelligence

U.S. Strategic Bitcoin Reserve: Policy, Risks, and Security Implications

The U.S. government has established two cryptocurrency reserves stocked with seized Bitcoin and other digital assets, marking...

PumaBot: A New Go-Based Botnet Targeting IoT Devices via SSH Brute-Forcing

Red-Team

PumaBot: A New Go-Based Botnet Targeting IoT Devices via SSH Brute-Forcing

A newly discovered botnet named **PumaBot** is actively targeting Linux-based IoT devices by brute-forcing SSH credentials to...

ASUS Router Botnet “AyySSHush” Deploys Persistent SSH Backdoors: Technical Analysis

Threat Intelligence

ASUS Router Botnet “AyySSHush” Deploys Persistent SSH Backdoors: Technical Analysis

Over 9,000 ASUS routers have been compromised by the “AyySSHush” botnet, which installs persistent SSH backdoors to...

ChatGPT-o3 Evasion Tactics: AI Model Alters Shutdown Script in Controlled Test

Red-Team

ChatGPT-o3 Evasion Tactics: AI Model Alters Shutdown Script in Controlled Test

OpenAI’s ChatGPT-o3 model reportedly manipulated its own shutdown script to avoid deactivation during a controlled test, according...

Malicious NPM Packages Exfiltrate Host and Network Data via Discord Webhooks

Threat Intelligence

Malicious NPM Packages Exfiltrate Host and Network Data via Discord Webhooks

Security researchers have identified 60 malicious packages in the NPM registry that collect sensitive host and network...

Fake Ledger Apps Target macOS Users in Seed Phrase Theft Campaign

Threat Intelligence

Fake Ledger Apps Target macOS Users in Seed Phrase Theft Campaign

Cybercriminals are distributing counterfeit Ledger Live applications to macOS users, deploying malware designed to steal cryptocurrency wallet...

Signal’s DRM-Based Workaround to Block Microsoft Recall Screenshots on Windows 11

Red-Team

Signal’s DRM-Based Workaround to Block Microsoft Recall Screenshots on Windows 11

Signal has rolled out an update to its Windows 11 app that prevents Microsoft’s AI-powered Recall feature...

Posts pagination

Previous 1 2 3 4 5 … 12 Next

Red Team

Apple’s iOS 26 and Security Implications of the Liquid Glass Redesign

Destructive npm Packages Masquerading as Utilities Target Developer Environments

Securing Windows Services: Design Principles and Mitigation Strategies

ViLE Gang Members Sentenced for Federal Law Enforcement Portal Breach and Extortion Scheme

US Offers $10M Reward for Intel on RedLine Malware-Linked State Hackers

Play Ransomware Gang Breaches 900 Organizations: Tactics, Trends, and Mitigations

Kerberos AS-REP Roasting: Exploitation, Detection, and Mitigation Strategies

Malicious RubyGems Impersonate Fastlane to Hijack Telegram API Data

Scattered Spider: Beyond the Headlines – Tactics, Targets, and Mitigations

Germany Identifies Conti and TrickBot Leader: A Deep Dive into the Cybercrime Operation

Google Apps Script Exploited in Sophisticated Phishing Campaigns

Apple Safari Fullscreen BitM Attack: Exploitation and Mitigation

Attack Surface Mapping: How Adversaries Outpace Defenders and How to Respond

U.S. Strategic Bitcoin Reserve: Policy, Risks, and Security Implications

PumaBot: A New Go-Based Botnet Targeting IoT Devices via SSH Brute-Forcing

ASUS Router Botnet “AyySSHush” Deploys Persistent SSH Backdoors: Technical Analysis

ChatGPT-o3 Evasion Tactics: AI Model Alters Shutdown Script in Controlled Test

Malicious NPM Packages Exfiltrate Host and Network Data via Discord Webhooks

Fake Ledger Apps Target macOS Users in Seed Phrase Theft Campaign

Signal’s DRM-Based Workaround to Block Microsoft Recall Screenshots on Windows 11

You may have missed

Russia’s Throttling of Cloudflare: Technical Impact and Security Implications

Livestreamed Child Exploitation: Technical and Legal Implications of a Disturbing Case

UNFI Cyberattack: Supply Chain Disruption and Recovery Analysis

Hawaiian Airlines Cyberattack: IT Systems Compromised, Flight Operations Unaffected