12 Ways to Protect Your Business from Hackers During Remote Work
Michelle MooreUniversity of San Diego’sSeptember 11, 2025 Remote work is here to stay, with nearly a quarter of the U.S. workforce (22%)…
Palo Alto Networks User-ID Credential Agent Vulnerability Exposes password In Cleartext
A newly disclosed vulnerability in Palo Alto Networks’ User-ID Credential Agent for Windows, identified as CVE-2025-4235, could…
France: Three Regional Healthcare Agencies Targeted by Cyber-Attacks
French regional healthcare agencies have been targeted by cyber-attacks compromising the personal data of patients across the country. On…
LNER Reveals Supply Chain Attack Compromised Customer Information
The operator of one of the UK’s busiest rail lines has admitted that an unauthorized third party has accessed customer details via a supplier.…
More Than Sales… How Brokers Can Play a Critical Role in Strengthening the USA’s National Cybersecurity
As cyber threats continue to rise, enterprises can rely on unexpected allies for support: their insurance brokers. Brokers are not only able…
Using Artificial Intelligence for Strengthening Email Security
Today, email-based attacks are increasingly sophisticated, however artificial intelligence (AI) can offer vital defense. With AI use,…
Ransomware Payments Plummet in Education Amid Enhanced Resiliency
Ransomware demands and payments have plummeted in the education sector in the past year amid improved resilience and recovery capabilities,…
Microsoft Warns of Active Directory Domain Services Vulnerability, Let Attackers Escalate Privileges
Microsoft has issued an updated warning for a critical security vulnerability in Active Directory Domain Services, tracked as CVE-2025-21293.…
Two Zero-Days Among Patch Tuesday CVEs This Month
Microsoft issued updates to fix 81 vulnerabilities in this month’s Patch Tuesday yesterday, including two classed as zero-days which…
As hackers exploit one high-severity SAP flaw, company warns of 3 more
SecurityBridge warned that CVE-2025-42957 allowed hackers with minimal system rights to mount “a complete system compromise with minimal…
Plex tells users to change passwords due to data breach, pushes server owners to upgrade
Media streaming company Plex has suffered a data breach and is urging users to reset their account password and enable two-factor…
Exploring Key Technology Trends for 2024
Fast forward to today, and the importance of staying current with the latest tech trends can’t be overstated – it’s the…
Threat Actor Accidentally Exposes AI-Powered Operations
A threat actor has unintentionally revealed their methods and day-to-day activities after installing Huntress security software on their own…
Axios Abuse and Salty 2FA Kits Fuel Advanced Microsoft 365 Phishing Attacks
Threat actors are abusing HTTP client tools like Axios in conjunction with Microsoft’s Direct Send feature to form a “highly…
Salty2FA Phishing Kit Unveils New Level of Sophistication
A phishing campaign leveraging the Salty2FA kit has been uncovered by cybersecurity researchers, revealing advanced techniques that highlight…
Axios User Agent Helps Automate Phishing on “Unprecedented Scale”
Security experts have warned of a huge uptick in automated phishing activity abusing the Axios user agent and Microsoft’s Direct Send…
Chinese Cyber Espionage Campaign Impersonates US Congressman
US lawmakers have accused the Chinese government of being behind a cyber espionage campaign that impersonated a prominent Congressman. The…
From MostereRAT to ClickFix: New Malware Campaigns Highlight Rising AI and Phishing Risks
Cybersecurity researchers have disclosed details of a phishing campaign that delivers a stealthy banking malware-turned-remote access trojan…
Innovator Spotlight: Seraphic
Reinventing Browser Security for the Enterprise The Browser: Enterprise’s Biggest Blind Spot On any given day, the humble web browser is…
Wealthsimple Confirms Data Breach After Supply Chain Attack
Canadian fintech firm Wealthsimple has confirmed a data breach that exposed sensitive customer information. The incident, detected on August…
MostereRAT Targets Windows Users With Stealth Tactics
A phishing campaign delivering a new strain of malware, MostereRAT, has been uncovered by cybersecurity researchers. The Remote Access Trojan…
How Businesses Can Protect Themselves Against Data Breaches
The Threat Landscape According to the Identity Theft Resource Center, one billion people have been victims of a data breach in just the second…
Weekly Cybersecurity News Recap : WhatsApp, Chrome 0-Day, AI Ransomware and Cyber Attacks
Welcome to your Weekly Cybersecurity News Recap. This week, the digital world faced a fresh wave of threats, underscoring the relentless…
Week in review: 300k+ Plex Media Server instances still vulnerable to attack, exploited Git RCE flaw
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: 300k+ Plex Media Server…
WhatsApp’s Zero-Click Vulnerability and Targeted Spyware Attacks
A newly discovered critical vulnerability has put WhatsApp users across the globe on high alert. CVE-2025-55177, patched in August 2025, was a…
The Good, the Bad and the Ugly in Cybersecurity – Week 35
The Good | Interpol Cracks Down on Cybercrime as U.S. Sanctions North Korean IT Scheme Interpol announced the arrest of over 1200 suspects in…
North Korean Hackers Weaponize Seoul Intelligence Files to Target South Koreans
A large-scale spear-phishing campaign targeting South Korean government and intelligence staff has exploited a national intelligence…
Reduce Fraud Risk with Effective Identity Verification
In a world where transactions occur smoothly across borders and platforms, the need for robust fraud and risk management strategies…
Fake IT Support Attacks Hit Microsoft Teams
A new wave of phishing attacks abusing Microsoft Teams to deliver malware has been uncovered by security researchers. The campaigns, observed…
Cisco IMC Virtual Keyboard Video Monitor Let Attacker Direct User to Malicious Website
Cisco disclosed a high-severity open redirect vulnerability in the Virtual Keyboard Video Monitor (vKVM) component of its Integrated…
ShadowSilk Leveraging Penetration-Testing Tools, Public Exploits to Attack Organizations
ShadowSilk first surfaced in late 2023 as a sophisticated threat cluster targeting government entities across Central Asia and the broader…
When Best Practices Aren’t Enough: UK Breaches Underscore the Importance of Compromise Assessments
Despite extensive guidance from national authorities, several prominent UK organizations have recently suffered significant cyber attacks.…
Chinese Tech Firms Linked to Salt Typhoon Espionage Campaigns
The UK, US and partners from across the globe have released a new report on the notorious Chinese APT group Salt Typhoon, claiming it has…
ShadowSilk Campaign Targets Central Asian Governments
A series of cyber-attacks against government organizations in Central Asia and the Asia-Pacific has been linked to a threat cluster known as…
New Phishing Campaign Abuses ConnectWise ScreenConnect to Take Over Devices
A novel phishing campaign attempts to trick victims into downloading ConnectWise ScreenConnect remote monitoring and management (RMM)…
HOOK Android Trojan Adds Ransomware Overlays, Expands to 107 Remote Commands
Cybersecurity researchers have discovered a new variant of an Android banking trojan called HOOK that features ransomware-style overlay…
New Android Trojan Variant Expands with Ransomware Tactics
A new version of the Hook Android banking Trojan has surfaced, showcasing one of the most extensive feature sets ever recorded for mobile…
Phishing Campaign Uses UpCrypter to Deploy Remote Access Tools
A global phishing campaign using personalized emails and fake websites to deliver malicious downloads has been identified by cybersecurity…
Black Hat Ignites Under Vegas Lights
Driving through the quiet, endless beauty of the Nevada desert, I let the raspy voice of Jim Morrison carry me forward. “The End”…
Cybersecurity Wake-Up Call: Why All Businesses Must Prepare for the Inevitable Attack
Cybersecurity has emerged as a critical and ongoing battle against a dynamic and pervasive global threat. The landscape is evolving rapidly,…
Online PDF Editors Safe to Use? Detailed Analysis of Security Risks Associated With It
Online PDF editors have become common tools for quick document manipulation, providing convenient alternatives to desktop software. However,…
Chinese APT Hackers Using Proxy and VPN Service to Anonymize Infrastructure
In recent months, cybersecurity researchers have observed a surge in targeted campaigns by a sophisticated Chinese APT group leveraging…