Supply Chain Security Vulnerability 2 Min Read November 4, 2025 Critical React Native CLI Flaw Exposed Millions of Developers to Remote Attacks Details have emerged about a now-patched critical security flaw in the popular "@react-native-community/cli" npm package that could be potentially exploit…
2 Min Read November 4, 2025 Microsoft Teams Bugs Let Attackers Impersonate Colleagues and Edit Messages Unnoticed Cybersecurity researchers have disclosed details of four security flaws… Apple Exploits Vulnerabilities Windows
8 Min Read November 4, 2025 Ransomware Defense Using the Wazuh Open Source Platform Ransomware is malicious software designed to block access to a computer… Cybercrime Threat Detection
2 Min Read November 3, 2025 Cybercriminals Exploit Remote Monitoring Tools to Infiltrate Logistics and Freight Networks Bad actors are increasingly training their sights on trucking and… Cybercrime Supply Chain Attack
Attack Surface Threat Intelligence 5 Min Read August 25, 2025 Have You Turned Off Your Virtual Oven? You check that the windows are shut before leaving home. Return to the kitchen to verify that the oven and stove were definitely turned off.…
Linux Threat Intelligence 2 Min Read August 25, 2025 Hackers Found Using CrossC2 to Expand Cobalt Strike Beacon’s Reach to Linux and macOS Japan’s CERT coordination center (JPCERT/CC) on Thursday revealed it observed incidents that involved the use of a command-and-control…
Server Security Vulnerability 3 Min Read August 25, 2025 New HTTP/2 'MadeYouReset' Vulnerability Enables Large-Scale DoS Attacks Multiple HTTP/2 implementations have been found susceptible to a new attack technique called MadeYouReset that could be explored to conduct…
Network Security Vulnerability 2 Min Read August 25, 2025 Cisco Warns of CVSS 10.0 FMC RADIUS Flaw Allowing Remote Code Execution Cisco has released security updates to address a maximum-severity security flaw in Secure Firewall Management Center (FMC) Software that could…
Artificial Intelligence Zero Trust 3 Min Read August 25, 2025 Zero Trust + AI: Privacy in the Age of Agentic AI We used to think of privacy as a perimeter problem: about walls and locks, permissions, and policies. But in a world where artificial agents…
Cryptocurrency Financial Crime 5 Min Read August 25, 2025 U.S. Sanctions Garantex and Grinex Over $100M in Ransomware-Linked Illicit Crypto Transactions The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) on Thursday renewed sanctions against Russian…
Malware Open Source 3 Min Read August 25, 2025 Taiwan Web Servers Breached by UAT-7237 Using Customized Open-Source Hacking Tools A Chinese-speaking advanced persistent threat (APT) actor has been observed targeting web infrastructure entities in Taiwan using customized…
Malware Vulnerability 3 Min Read August 25, 2025 Russian Group EncryptHub Exploits MSC EvilTwin Vulnerability to Deploy Fickle Stealer Malware The threat actor known as EncryptHub is continuing to exploit a now-patched security flaw impacting Microsoft Windows to deliver malicious…
Android Malware 2 Min Read August 25, 2025 ERMAC V3.0 Banking Trojan Source Code Leak Exposes Full Malware Infrastructure Cybersecurity researchers have detailed the inner workings of an Android banking trojan called ERMAC 3.0, uncovering serious shortcomings in…
Data Breach Regulatory Compliance 4 Min Read August 25, 2025 Wazuh for Regulatory Compliance Organizations handling various forms of sensitive data or personally identifiable information (PII) require adherence to regulatory compliance…
Malware 3 Min Read August 25, 2025 “PromptFix” Attacks Could Supercharge Agentic AI Threats Researchers have engineered a new version of the ClickFix social engineering technique using prompt injection to trick agentic AI into…
Data Breach 3 Min Read August 25, 2025 Orange Data Breach Raises SIM-Swapping Attack Fears A threat actor has compromised 850,000 Orange Belgium customer accounts, with SIM card numbers and Personal Unblocking Key (PUK) codes among…
Cloud Security Malware 2 Min Read August 25, 2025 Oregon Man Charged in Rapper Bot DDoS-for-Hire Case A 22-year-old Oregon man has been charged with administering the Rapper Bot DDoS-for-hire botnet, which was allegedly used to launch…
Data Breach 2 Min Read August 25, 2025 Colt Admits Customer Data Likely Stolen in Cyber-Attack Colt Technology Services has confirmed that cybercriminals could leak customer data. This is despite previously claiming the recent cyber…
Apple Malware 3 Min Read August 25, 2025 Russian Espionage Group Static Tundra Targets Legacy Cisco Flaw A seven-year-old vulnerability affecting end-of-life Cisco network devices is being exploited by a Russian state-sponsored cyber espionage…
Cloud Security 3 Min Read August 25, 2025 Microsoft to Make All Products Quantum Safe by 2033 Microsoft has announced plans to implement quantum-safe solutions in its products and services from 2029, with the tech giant aiming for a…
Apple Malware 2 Min Read August 25, 2025 Apple Releases Patch for Likely Exploited Zero-Day Vulnerability In a series of updates for its iOS, iPadOS, and macOS operating systems, Apple released a patch for a previously unknown vulnerability that…
Security 1 Min Read August 25, 2025 FBI warns of Russian hackers exploiting 7-year-old Cisco flaw The Federal Bureau of Investigation (FBI) has warned that hackers linked to Russia’s Federal Security Service (FSB) are targeting…
Security 1 Min Read August 25, 2025 Why Certified VMware Pros Are Driving the Future of IT By Brenda Emerson, VMUG President IT isn’t getting any simpler. For many, the cloud’s gone hybrid, AI’s moved in…
Microsoft 2 Min Read August 25, 2025 Microsoft asks customers for feedback on reported SSD failures Microsoft is seeking further information from customers who reported failure and data corruption issues affecting their solid-state…
Security 3 Min Read August 25, 2025 Europol confirms $50,000 Qilin ransomware reward is fake Europol has confirmed that a Telegram channel impersonating the agency and offering a $50,000 reward for information on two Qilin ransomware…
Security 2 Min Read August 25, 2025 Colt confirms customer data stolen as Warlock ransomware auctions files UK-based telecommunications company Colt Technology Services confirms that customer documentation was stolen as Warlock ransomware gang…
Legal Security 2 Min Read August 25, 2025 Dev gets 4 years for creating kill switch on ex-employer's systems A software developer has been sentenced to four years in prison for sabotaging his ex-employer’s Windows network with custom malware and…
Healthcare Security 3 Min Read August 25, 2025 DaVita says ransomware gang stole data of nearly 2.7 million people Kidney dialysis firm DaVita has confirmed that a ransomware gang that breached its network stole the personal and health information of nearly…
Security 2 Min Read August 25, 2025 Massive anti-cybercrime operation leads to over 1,200 arrests in Africa Law enforcement authorities in Africa have arrested over 1,200 suspects as part of ‘Operation Serengeti 2.0,’ an INTERPOL-led…
Exploits Web Security 7 Min Read August 21, 2025 MCP vulnerability case study: SQL injection in the Postgres MCP server Key points and observations We found a SQL injection vulnerability in Anthropic’s reference Postgres MCP server that allowed us to…
Cloud Security 7 Min Read August 19, 2025 Enumerating AWS the quiet way: CloudTrail-free discovery with Resource Explorer As security researchers, we strive to ideate, identify, and document new methods of attacking cloud services and resources. We build…
Cloud Security Malware Ransomware Windows 6 Min Read August 14, 2025 Datadog threat roundup: Top insights for Q2 2025 As a leading provider in observability and cloud security, Datadog has unique insight into threat actor behavior that targets cloud…
IoT Research Whitepapers 4 Min Read July 30, 2025 Vulnerabilities Identified in Dahua Hero C1 Smart Cameras
Cloud Security Network Phishing Ransomware 4 Min Read July 30, 2025 Backdoors & Breaches gameplay guide At DASH 2025, we released a Datadog expansion pack of Backdoors & Breaches, a popular incident response card game by Black Hills…
Cloud Security Phishing Supply Chain 3 Min Read July 28, 2025 Datadog guide to Hacker Summer Camp 2025 Every year in early August, conferences in Las Vegas, Nevada, serve as a gathering of security professionals in a single place. This time of…
Cloud Security Malware Ransomware Vulnerabilities 10 Min Read July 21, 2025 Beyond Mimo’lette: Tracking Mimo's Expansion to Magento CMS and Docker Executive summary Through investigations into a string of workload compromises involving ecommerce sites, the Datadog Security Research team…
Cloud Security Malware Ransomware Vulnerabilities 24 Min Read July 16, 2025 I SPy: Escalating to Entra ID's Global Admin with a first-party app This research was presented at fwd:cloudsec North America on June 30th, 2025. You can find the talk here. Key points Service principals (SPs)…
Cloud Security 5 Min Read July 14, 2025 Kubernetes security fundamentals: PKI In the previous post in this series, we looked at how Kubernetes network security is implemented. For this post, we’ll explore a topic…
Apple Linux Vulnerabilities Windows 4 Min Read July 10, 2025 CVE-2025-48384: Git vulnerable to arbitrary file write on non-Windows systems Update - July 11, 2025: We are making a correction to the Git CLI versions vulnerable to this based on updates to the GitHub advisory around…
Malware Network Ransomware Windows 12 Min Read May 21, 2025 The obfuscation game: MUT-9332 targets Solidity developers via malicious VS Code extensions Key points and observations Datadog Security Research discovered three malicious VS Code extensions that target Solidity developers on…
Cloud Security Data Breach Vulnerabilities 5 Min Read May 13, 2025 Tales from the cloud trenches: The Attacker doth persist too much, methinks As a result of a recent threat hunt, we observed attacker activity originating from a leaked long-term AWS access key (AKIA*). Within a…
Anti-Malware Research 6 Min Read May 8, 2025 Weaponizing Facebook Ads: Inside the Multi-Stage Malware Campaign Exploiting Cryptocurrency Brands A persistent malvertising campaign is plaguing Facebook, leveraging the reputations of well-known cryptocurrency exchanges to lure victims…
Exploits Linux Malware Ransomware 8 Min Read May 7, 2025 RedisRaider: Weaponizing misconfigured Redis to mine cryptocurrency at scale Key points and observations Datadog Security Research has discovered a new Linux cryptojacking campaign, named RedisRaider, targeting publicly…
Scam Research 5 Min Read April 30, 2025 Active Subscription Scam Campaigns Flooding the Internet Bitdefender researchers have uncovered a surge in subscription scams, both in scale and sophistication, spurred by a massive campaign…
Cloud Security Malware Phishing Ransomware 11 Min Read April 17, 2025 Datadog threat roundup: Top insights for Q1 2025 As a leading provider in observability and cloud security, Datadog has unique insight into threat actor behavior that targets cloud…
Anti-Malware Research 7 Min Read March 18, 2025 Hundreds of Malicious Google Play-Hosted Apps Bypassed Android 13 Security With Ease Bitdefender's security researchers have identified a large-scale ad fraud campaign that deployed hundreds of malicious apps in the Google Play…