If it feels like your entire cybersecurity program is once again operating on a geopolitical fault line, you're not imagining things.The intersection of global politics and cybersecurity has grown...
Palo Alto Networks has revealed that it's observing brute-force login attempts against PAN-OS GlobalProtect gateways, days after threat actors warned of a surge in suspicious login scanning...
Cybersecurity researchers have found that threat actors are setting up deceptive websites hosted on newly registered domains to deliver a known Android malware called SpyNote. These bogus websites...
The U.S. Cyberspace Solarium Commission (CSC) 2.0 observed in its latest report that the growing frequency and sophistication... The post New CSC 2.0 report outlines roadmap to strengthen aviation...
Do passcodes really protect you more from warrantless phone searches than biometrics? It's complicated.
Microsoft is gradually rolling out the AI-powered Windows Recall feature to Insiders in the Release Preview channel before making it generally available to all Windows users with Copilot+ PCs. [...]
Police arrest SmokeLoader malware customers, AkiraBot abuses AI to bypass CAPTCHAs, and Gamaredon delivers GammaSteel via infected drives.
Many of the talks at KubeCon Europe, Europe’s largest open source community conference, were related to security. Let's discuss some of our favorites.
Western Sydney University (WSU) announced two security incidents that exposed personal information belonging to members of its community. [...]
Fortinet warns that threat actors use a post-exploitation technique that helps them maintain read-only access to previously compromised FortiGate VPN devices even after the original attack vector...
Fortinet warns that threat actors use a post-exploitation technique that helps them maintain read-only access to previously compromised FortiGate VPN devices even after the original attack vector...
Read how security teams are adopting agentic and generative AI to reshape operations and accelerate the journey toward an autonomous SOC.
A new exploit, traced to a MorphoBlue vulnerability, has resulted in the theft of $2.6 million. The breach, which occurred on April 11, 2025, was first reported by PeckShieldAlert, highlighting a...
2025-04-10 • Symantec • Threat Hunter Team Open article on Malpedia
Experts at the Google Cloud Next event set out how security teams need to adapt their focuses in the wake of trends such as rising cyber-attacks and advances in AI
Microsoft has now confirmed that an April 2025 Windows security update is creating a new empty "inetpub" folder and warned users not to delete it. [...]
Some misconfigured AI chatbots are pushing people’s chats to the open web—revealing sexual prompts and conversations that include descriptions of child sexual abuse.
A newly disclosed high-severity security flaw impacting OttoKit (formerly SureTriggers) has come under active exploitation within a few hours of public disclosure. The vulnerability, tracked as...
Google's AI video generator tool Veo 2, which is the company's take on OpenAI's Sora, is now rolling out to some users in the United States. [...]
TL;DRWe did some interesting research focused on the AWS cloud platform that offers highly-permissive tools for security operations, such as incident response, auditing, inventorying, etc. These...
2025-04-10 • Medium TRAC Labs • TRAC Labs • win.stealc Open article on Malpedia
Laboratory Services Cooperative (LSC) has released a statement informing it suffered a data breach where hackers stole sensitive information of roughly 1.6 million people from its systems. [...]
2025-04-03 • Mandiant • Jacob Thompson, John Wolfram, Josh Murchie, Matt Lin, Michael Edie Open article on Malpedia
The Chromium-based Microsoft Edge has seen up to 9% performance improvements following the release of version 134. [...]
The Chromium-based Microsoft Edge has seen up to 9% performance improvements following the release of version 134. [...]
Check out why a global geopolitical spyware campaign could ensnare mobile users outside of its target groups. Plus, the U.K.’s cyber agency offers cyber governance resources to boards of...
Fourlis Group, the operator of IKEA stores in Greece, Cyprus, Romania, and Bulgaria, has informed that the ransomware attack it suffered just before Black Friday on November 27, 2024, caused...
Claroty, a cyber-physical systems (CPS) protection company, announced on Thursday the appointment of Jen Sovada as General Manager... The post Claroty appoints Jen Sovada as GM of public sector,...
Ron Wyden, a Democratic Senator from Oregon, has placed a hold on the nomination of Sean Plankey to... The post Senate standoff: Wyden demands transparency on China-linked hacks, holds back...
Industrial technology company Sensata Technologies disclosed that the company experienced a ransomware attack that encrypted parts of its... The post Ransomware surge: Sensata Technologies, US...