Security

Development

Microsoft Warns of Tax-Themed Email Attacks Using PDFs and QR Codes to Deliver Malware

April 3, 2025

Microsoft is warning of several phishing campaigns that are leveraging tax-related themes to deploy malware and steal credentials. “These campaigns…

HellCat ransomware: what you need to know

April 3, 2025

HellCat – the ransomware gang that has been known to demand payment… in baguettes! Are they rolling in the dough?…

Development

Europol Dismantles Kidflix With 72,000 CSAM Videos Seized in Major Operation

April 3, 2025

In one of the largest coordinated law enforcement operations, authorities have dismantled Kidflix, a streaming platform that offered child sexual…

Development

Legacy Stripe API Exploited to Validate Stolen Payment Cards in Web Skimmer Campaign

April 3, 2025

Threat hunters are warning of a sophisticated web skimmer campaign that leverages a legacy application programming interface (API) from payment…

Development

ProtectEU Is Here – But Can It Really Protect Europe from Rising Security Threats?

April 3, 2025

The European Commission has introduced ProtectEU, a comprehensive European Internal Security Strategy aimed at strengthening the security of EU citizens.…

Development

Triada Malware Preloaded on Counterfeit Android Phones Infects 2,600+ Devices

April 3, 2025

Counterfeit versions of popular smartphone models that are sold at reduced prices have been found to be preloaded with a…

Development

Google Patches Quick Share Vulnerability Enabling Silent File Transfers Without Consent

April 3, 2025

Cybersecurity researchers have disclosed details of a new vulnerability impacting Google’s Quick Share data transfer utility for Windows that could…

Development

AI Adoption in the Enterprise: Breaking Through the Security and Compliance Gridlock

April 3, 2025

AI holds the promise to revolutionize all sectors of enterpriseーfrom fraud detection and content personalization to customer service and security…

Development

CISA’s Latest Advisories Expose High-Risk Vulnerabilities in Industrial Control Systems

April 3, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) issued two crucial Industrial Control Systems (ICS) advisories, highlighting vulnerabilities that could have…

Development

AI Threats Are Evolving Fast — Learn Practical Defense Tactics in this Expert Webinar

April 3, 2025

The rules have changed. Again. Artificial intelligence is bringing powerful new tools to businesses. But it’s also giving cybercriminals smarter…

Development

Lazarus Group Targets Job Seekers With ClickFix Tactic to Deploy GolangGhost Malware

April 3, 2025

The North Korean threat actors behind Contagious Interview have adopted the increasingly popular ClickFix social engineering tactic to lure job…

Development

DragonForce Claims to Be Taking Over RansomHub Ransomware Infrastructure

April 2, 2025

The DragonForce ransomware group claims to be taking over the infrastructure of RansomHub, the largest ransomware group in the last…

Smashing Security podcast #411: The fall of Troy, and whisky barrel scammers

April 2, 2025

Renowned cybersecurity expert Troy Hunt falls victim to a phishing attack, resulting in the exposure of thousands of subscriber details,…

Development

Google Fixed Cloud Run Vulnerability Allowing Unauthorized Image Access via IAM Misuse

April 2, 2025

Cybersecurity researchers have disclosed details of a now-patched privilege escalation vulnerability in Google Cloud Platform (GCP) Cloud Run that could…

Development

New Malware Loaders Use Call Stack Spoofing, GitHub C2, and .NET Reactor for Stealth

April 2, 2025

Cybersecurity researchers have discovered an updated version of a malware loader called Hijack Loader that implements new features to evade…

Development

FIN7 Deploys Anubis Backdoor to Hijack Windows Systems via Compromised SharePoint Sites

April 2, 2025

The financially motivated threat actor known as FIN7 has been linked to a Python-based backdoor called Anubis (not to be…

Development

Thailand Enhances Cyber Resilience with AI-Powered Security Measures

April 2, 2025

In an effort to enhance Thailand’s cybersecurity infrastructure, the National Cyber Security Agency (NCSA) and Google Cloud have announced a…

Development

How SSL Misconfigurations Impact Your Attack Surface

April 2, 2025

When assessing an organization’s external attack surface, encryption-related issues (especially SSL misconfigurations) receive special attention. Why? Their widespread use, configuration…

Development

Outlaw Group Uses SSH Brute-Force to Deploy Cryptojacking Malware on Linux Servers

April 2, 2025

Cybersecurity researchers have shed light on an “auto-propagating” cryptocurrency mining botnet called Outlaw (aka Dota) that’s known for targeting SSH…

Development

Helping Your Clients Achieve NIST Compliance: A Step by Step Guide for Service Providers

April 2, 2025

Introduction As the cybersecurity landscape evolves, service providers play an increasingly vital role in safeguarding sensitive data and maintaining compliance…