From Defense to Offense: Why Ambitious CISOs Are Becoming Founders
Once seen primarily as a technical gatekeeper, today’s chief information security officer (CISO) is a strategic leader responsible for…
Singapore Threatens Meta With Fines Over Facebook Impersonation Scams
The Singapore government has given Meta Platforms until September 30 to introduce measures to curb impersonation scams on Facebook. On…
ArcaneDoor Threat Actor Resurfaces in Continued Attacks Against Cisco Firewalls
A newly identified cyber-attack campaign has exploited Cisco Adaptive Security Appliance (ASA) devices in a sophisticated operation linked to…
Interpol Cracks Down on Large-Scale African Scamming Networks
A transnational operation involving 14 African countries has taken down a large-scale digital scamming network, leading to 260 arrests and the…
New LockBit Ransomware Variant Emerges as Most Dangerous Yet
Trend Micro has identified a new LockBit ransomware variant that is “significantly more dangerous” than previous versions and is being…
When Airports Go Dark: What The Weekend’s Cyber-attacks Tell Us About Business Risk
Varun Uppal, founder and CEO of Shinobi Security Over the weekend, airports across Europe were thrown into chaos after a cyber-attack on one…
Critical Vulnerability in Salesforce AgentForce Exposed
A critical vulnerability chain in Salesforce's AI-powered AgentForce platform has been discovered by cybersecurity researchers. The flaw,…
The Threat of Privilege Abuse in Active Directory
In early 2024, the BlackCat ransomware attack against Change Healthcare caused massive disruption across the U.S. healthcare sector. It later…
Chinese Hackers Use 'BRICKSTORM' Backdoor to Breach US Firms
Chinese cyber threat actors are suspected of deploying a recently identified backdoor to get a foothold into the systems of US organizations…
Co-op Records £206m Revenue Loss Following Cyber-Attack
The Co-op has revealed that it has lost approximately £206m ($277m) in revenue as a direct result of the “malicious” cyber-attack it…
Tech Overtakes Gaming as Top DDoS Attack Target, New Gcore Radar Report Finds
The latest Gcore Radar report analyzing attack data from Q1–Q2 2025, reveals a 41% year-on-year increase in total attack volume. The…
Experts Warn of Global Breach Risk from Indian Suppliers
Global supply chains could be at risk after a new report revealed a surprisingly high share of Indian vendors have suffered a third-party…
NCA Arrest Man as HardBit Ransomware Blamed for Airport Outages
British investigators have arrested a man in connection with a suspected ransomware attack which continues to cause flight delays across…
Critical DNN Platform Vulnerability Let Attackers Execute Malicious Scripts
A critical stored cross-site scripting vulnerability has emerged in the popular DotNetNuke (DNN) Platform, threatening websites powered by…
New Phishing Campaign Targets PyPI Maintainers with Fake Domain
The Python Package Index (PyPI) is once again the target of a phishing campaign aimed at maintainers, with attackers using domain confusion…
ShadowV2: How a New DDoS Botnet Mimics Cloud-Native Apps
The login UI | Image: Darktrace Researchers at Darktrace have identified a sophisticated new campaign that merges traditional malware…
CVE-2025-23298: Getting Remote Code Execution in NVIDIA Merlin
While investigating the security posture of various machine learning (ML) and artificial intelligence (AI) frameworks, the Trend Micro Zero…
npm Package Uses QR Code Steganography to Steal Credentials
A malicious npm package named Fezbox has been found using an unusual technique to conceal harmful code. The package employs a QR code as part…
ShadowV2 Botnet Exposes Rise of DDoS-as-a-service Platforms
A new campaign that combines traditional malware with modern DevOps tooling has been observed by cybersecurity analysts. The ShadowV2 DDoS…
Geopolitical Cyber Threats in 2024: Navigating Emerging Risks with OSINT (Open-Source Intelligence)
Geopolitical tensions worldwide can have a foreseeable impact on an organisation’s physical operations, but they can also heighten the…
CISA Says Failure to Patch, Untested IRP, Silent EDR Alerts, Led to a Federal Agency Breach
CISA this week offered a rare window into a real-world breach at a U.S. federal civilian agency. Delays in patching, unexercised incident…
Vegas Gambling Giant Hit by Cyber Incident, Employee Data Exposed
A major Las Vegas-based gambling firm has disclosed a cybersecurity incident, which has breached the personal data of employees and other…
Federal Agency Compromised Via GeoServer Exploit, CISA Reveals
A federal agency was compromised last year after failures in vulnerability remediation, incident response and EDR log reviews, according to…
Cisco Uncovers New PlugX Backdoor Linked to Chinese APTs
Researchers at Cisco Talos have uncovered a long-running espionage campaign active since 2022, targeting the telecommunications and…
SonicWall releases rootkit-busting firmware update following wave of attacks
SonicWall on Monday released a firmware update that the security vendor says will remove rootkit malware deployed in recent attacks targeting…
22 Vulnerabilities Under Attack – And Another That Could Be
Cyble researchers detailed 22 vulnerabilities under active attack in a blog post today – and nine of them aren’t in CISA’s…
OnePlus leaves researchers on read over Android bug that exposes texts
Security researchers report that OnePlus smartphone users remain vulnerable to a critical bug that allows any application to read SMS and MMS…
The Future of Travel Technology
As technology continues to advance in society, everyday necessities are becoming more accessible by the day. Electronic passports are quickly…
SonicWall Releases Urgent Update to Remove Rootkit Malware ‘OVERSTEP’ from SMA Devices
SonicWall has issued an urgent firmware update, version 10.2.2.2-92sv, for its Secure Mobile Access (SMA) 100 series appliances to detect and…
Deepfake Attacks Hit Two-Thirds of Businesses
Nearly two-thirds (62%) of organizations have experienced a deepfake attack in the past 12 months, according to a new Gartner survey. These…
Deepfakes: The Cybersecurity Pandora’s Box
The meteoric rise of artificial intelligence (AI) has not only revolutionized industries but also unleashed a Pandora’s box of potential…
Critical Security Flaws Grow with AI Use, New Report Shows
A sharp increase in hardware, API and network vulnerabilities is exposing organizations to new risks, according to Inside the Mind of a CISO…
Attacker Breakout Time Falls to 18 Minutes
Threat actors are accelerating their attacks and adopting innovative new ways to circumvent endpoint detection mechanisms, according to a new…
Jaguar Land Rover Extends Production Pause Again
The UK’s largest carmaker has announced a further delay to restarting production after suffering a major cyber-attack earlier this month.…
CVE-2025-26399 (CVSS 9.8): SolarWinds Web Help Desk Hit by Critical RCE Vulnerability
SolarWinds has released a hotfix for its Web Help Desk (WHD) software after the discovery of a critical remote code execution (RCE)…
Kawa4096: A New Ransomware Group with Akira-Style Branding and Qilin-Like Notes
In June 2025, a new ransomware group known as Kawa4096 surfaced, launching disruptive attacks against multinational organizations in finance,…
VMScape attack | Kaspersky official blog
A team of researchers at the Swiss Federal Institute of Technology in Zurich (ETH Zurich) has published a research paper demonstrating how a…
Organizations Must Update Defenses to Scattered Spider Tactics, Experts Urge
Organizations must urgently update their defenses to protect against tactics deployed by the Scattered Spider hacking collective this year,…
Why VPNs Fail for Hybrid Workforces and The Importance of Privileged Access Management (PAM) To Protect Against Third-Party Risks
Let’s start by being clear that what you need to do to support “hybrid work” versus a “hybrid workforce”…
Major Cyber Threat Detection Vendors Pull Out of MITRE Evaluations Test
Three major providers of cybersecurity solutions have decided not to take part in the 2025 edition of MITRE’s annual endpoint detection and…
Why the Cybersecurity Talent Shortage is a Global Threat
In the era of digital transformation, where data flows across borders and devices, data security is paramount. Cyberattacks are no longer…
Weekly Recap: Chrome 0-Day, AI Hacking Tools, DDR5 Bit-Flips, npm Worm & More
The security landscape now moves at a pace no patch cycle can match. Attackers aren't waiting for quarterly updates or monthly…