The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published a cybersecurity advisory warning of ransomware hackers leveraging... The post CISA flags exploitation of SimpleHelp...
Cyfirma researchers this week profiled MISSION2025, a Chinese state-sponsored threat group tied to APT41. Active since at least... The post MISSION2025 cyber campaign expands global targeting of...
Democratic members of the House Homeland Security Committee have asked the U.S. Government Accountability Office (GAO) to review... The post House Democrats call for GAO probe into CISA and NIST...
Understand the mechanics of serverless authentication: three simulated attacks across major CSPs offer effective approaches for application developers. The post Serverless Tokens in the Cloud:...
A CISA advisory urged all software vendors and downstream customers to check if they are impacted by unpatched versions of the SimpleHelp RMM tool
2025-06-06 • Seqrite • Sathwik Ram Prakki, Subhajeet Singha • win.vshell Open article on Malpedia
2025-06-09 • Sentinel LABS • Aleksandar Milenkoski, Tom Hegel • elf.goreshell, elf.nimbo_c2, win.shadowpad Open article on Malpedia
Microsoft is investigating a known issue that triggers Secure Boot errors and prevents Surface Hub v1 devices from starting up. [...]
Researchers have found a flaw in Microsoft 365 Copilot that allows the exfiltration of sensitive corporate data with a simple email
2025-06-10 • Check Point Research • Check Point Research Open article on Malpedia
Check out NIST best practices for adopting a zero trust architecture. Plus, learn how OpenAI disrupted various attempts to abuse ChatGPT. In addition, find out what Tenable webinar attendees said...
Linux Syscall Threat Detection in Splunk with Uncoder AI How It Works The detection logic here is built around monitoring use of the mknod syscall, which is rarely used in legitimate workflows but...
Microsoft is investigating an ongoing incident that is causing users to experience errors with some Microsoft 365 authentication features. [...]
How It Works The Sigma rule shown is designed to detect Notepad opening files with names suggesting password storage, which may indicate unauthorized credential access or suspicious behavior on...
Convert Sigma DNS Rules to Cortex XSIAM with Uncoder AI How It Works Uncoder AI reads a Sigma rule designed to detect DNS queries to malicious infrastructure used by Katz Stealer malware, and...
How It Works The showcased feature translates a Linux-based Sigma rule — specifically targeting the sysinfo system call — into Microsoft Sentinel KQL. This system call provides an attacker with...
Victoria's Secret has restored all critical systems impacted by a May 24 security incident that forced it to shut down corporate systems and the e-commerce website. [...]
In May 2025, the South American mobility services platform Ualabee had hundreds of thousands of records scraped from an interface on their platform. The data included 472k unique email addresses...
Cloudflare has confirmed that the massive service outage yesterday was not caused by a security incident and no data has been lost. [...]
Insikt Group exposes GrayAlpha’s evolving infrastructure and infection methods—including PowerNet and MaskBat loaders, fake 7-Zip sites, and the undocumented TAG-124 network—linking the group to...
Weidmuller Canada’s journey began in 1975, as Weidmuller Terminations Ltd., operating from a modest, warehouse-style office.
The threat actors behind the VexTrio Viper Traffic Distribution Service (TDS) have been linked to other TDS services like Help TDS and Disposable TDS, indicating that the sophisticated...
Late last year, security researchers made a startling discovery: Kremlin-backed disinformation campaigns were bypassing moderation on social media platforms by leveraging the same malicious...
Google has issued a security update for Chrome desktop to address CVE-2025-5419, which has a CVSS score of 8.8. It is a critical zero-day flaw in the V8 JavaScript engine that is actively...
The recommendation to the bankruptcy judge overseeing the sale is partially based on messages from 23andMe customers who told him they are worried about their genetic data’s inclusion in the sale.
Law enforcement has more tools than ever to track your movements and access your communications. Here’s how to protect your privacy if you plan to protest.
Cybersecurity researchers have discovered a novel attack technique called TokenBreak that can be used to bypass a large language model's (LLM) safety and content moderation guardrails with just a...
The spyware’s developer, Intellexa, has been under pressure due to sanctions and public disclosure, but Recorded Future uncovered fresh activity. The post Predator spyware activity surfaces in new...
The spyware’s developer, Intellexa, has been under pressure due to sanctions and public disclosure, but Recorded Future uncovered fresh activity. The post Predator spyware activity surfaces in new...
AI is changing everything — from how we code, to how we sell, to how we secure. But while most conversations focus on what AI can do, this one focuses on what AI can break — if you’re not paying...