ThreatsDay Bulletin: $176M Crypto Fine, Hacking Formula 1, Chromium Vulns, AI Hijack & More
Criminals don’t need to be clever all the time; they just follow the easiest path in: trick users, exploit stale components, or abuse…
Why Organizations Are Abandoning Static Secrets for Managed Identities
As machine identities explode across cloud environments, enterprises report dramatic productivity gains from eliminating static credentials.…
Iran-Linked MuddyWater Targets 100+ Organisations in Global Espionage Campaign
The Iranian nation-state group known as MuddyWater has been attributed to a new campaign that has leveraged a compromised email account to…
Chinese Threat Actors Exploit ToolShell SharePoint Flaw Weeks After Microsoft's July Patch
Threat actors with ties to China exploited the ToolShell security vulnerability in Microsoft SharePoint to breach a telecommunications company…
Why You Should Swap Passwords for Passphrases
The advice didn't change for decades: use complex passwords with uppercase, lowercase, numbers, and symbols. The idea is to make passwords…
Securing AI to Benefit from AI
Artificial intelligence (AI) holds tremendous promise for improving cyber defense and making the lives of security practitioners easier. It…
Google Identifies Three New Russian Malware Families Created by COLDRIVER Hackers
A new malware attributed to the Russia-linked hacking group known as COLDRIVER has undergone numerous developmental iterations since May 2025,…
Weekly Recap: F5 Breached, Linux Rootkits, Pixnapping Attack, EtherHiding & More
It's easy to think your defenses are solid — until you realize attackers have been inside them the whole time. The latest incidents show…
Analysing ClickFix: 3 Reasons Why Copy/Paste Attacks Are Driving Security Breaches
ClickFix, FileFix, fake CAPTCHA — whatever you call it, attacks where users interact with malicious scripts in their web browser are a…
Silver Fox Expands Winos 4.0 Attacks to Japan and Malaysia via HoldingHands RAT
The threat actors behind a malware family known as Winos 4.0 (aka ValleyRAT) have expanded their targeting footprint from China and Taiwan to…
ThreatsDay Bulletin: $15B Crypto Bust, Satellite Spying, Billion-Dollar Smishing, Android RATs & More
The online world is changing fast. Every week, new scams, hacks, and tricks show how easy it's become to turn everyday technology into a…
Whisper 2FA Behind One Million Phishing Attempts Since July
The phishing platform “Whisper 2FA” has rapidly become one of the most active tools used in large-scale credential theft…
How Attackers Bypass Synced Passkeys
TLDR Even if you take nothing else away from this piece, if your organization is evaluating passkey deployments, it is insecure to deploy…
Chrome Fix: New Use-After-Free Flaw (CVE-2025-11756) in Safe Browsing Component Poses High Risk
Google has released a new Stable Channel Update for Desktop, rolling out gradually to Windows, macOS, and Linux systems over the coming days…
Windows 11 KB5066835 and KB5066793 updates released
Microsoft has released Windows 11 KB5066835 and KB5066793 cumulative updates for versions 25H2/24H2 and 23H2 to fix…
Legacy Windows Protocols Still Expose Networks to Credential Theft
A new cybersecurity study has found that legacy Windows communication protocols continue to expose organizations to credential theft, even…
Sweatpants & Cyberthreats: Managing Remote Employee Risk
The remote work revolution did not just change where we work, it redefined how we secure our workplaces. The shift, which was accelerated by…
Chinese hackers abuse geo-mapping tool for year-long persistence
Chinese state hackers remained undetected in a target environment for more than a year by turning a component in the ArcGIS geo-mapping tool…
Chinese Hackers Use Trusted ArcGIS App For Year-Long Persistence
Security teams have been urged to adopt proactive threat hunting after a new report revealed how Chinese hackers used novel techniques to…
Moving Beyond Awareness: How Threat Hunting Builds Readiness
Every October brings a familiar rhythm - pumpkin-spice everything in stores and cafés, alongside a wave of reminders, webinars, and…
What AI Reveals About Web Applications— and Why It Matters
Before an attacker ever sends a payload, they've already done the work of understanding how your environment is built. They look at your login…
Researchers Expose TA585’s MonsterV2 Malware Capabilities and Attack Chain
Cybersecurity researchers have shed light on a previously undocumented threat actor called TA585 that has been observed delivering an…
Weekly Recap: WhatsApp Worm, Critical CVEs, Oracle 0-Day, Ransomware Cartel & More
Every week, the cyber world reminds us that silence doesn't mean safety. Attacks often begin quietly — one unpatched flaw, one…
Week in review: Hackers extorting Salesforce, CentreStack 0-day exploited
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: How to get better results from…
Identity Risk Intelligence – The Missing Piece in Continuous Threat Exposure Management (CTEM)
In today’s cybersecurity landscape, identity is no longer just a credentialing concern; it is the battleground. Modern cyber defenses…
Threat Actors Exploiting SonicWall SSL VPN Devices in Wild to Deploy Akira Ransomware
Threat actors have reemerged in mid-2025 leveraging previously disclosed vulnerabilities in SonicWall SSL VPN appliances to deploy Akira…
How Chief Technology Officers Can Stay Ahead of Complex Threat Actor Tactics
Cyberattacks are becoming increasingly complex because organizations are more interconnected than ever before while threat actors are better…
175 Malicious npm Packages with 26,000 Downloads Used in Credential Phishing Campaign
Cybersecurity researchers have flagged a new set of 175 malicious packages on the npm registry that have been used to facilitate credential…
‘Payroll Pirate’ Attacks Target U.S. Universities, Diverting Employee Salaries
Microsoft Threat Intelligence has revealed a spate of financially motivated cyberattacks against universities across the United States. The…
SonicWall: Firewall configs stolen for all cloud backup customers
SonicWall has confirmed that all customers that used the company's cloud backup service are affected by the security breach last month.…
Hackers Access SonicWall Cloud Firewall Backups, Spark Urgent Security Checks
SonicWall on Wednesday disclosed that an unauthorized party accessed firewall configuration backup files for all customers who have used the…
ThreatsDay Bulletin: MS Teams Hack, MFA Hijacking, $2B Crypto Heist, Apple Siri Probe & More
Cyber threats are evolving faster than ever. Attackers now combine social engineering, AI-driven manipulation, and cloud exploitation to…
SaaS Breaches Start with Tokens – What Security Teams Must Watch
Token theft is a leading cause of SaaS breaches. Discover why OAuth and API tokens are often overlooked and how security teams can strengthen…
Qilin ransomware claims Asahi brewery attack, leaks data
The Qilin ransomware group has claimed the attack on Japanese beer giant Asahi by adding the company to the list of victims on its data leak…
Step Into the Password Graveyard… If You Dare (and Join the Live Session)
Every year, weak passwords lead to millions in losses — and many of those breaches could have been stopped. Attackers don't need…
OpenAI Finds Growing Exploitation of AI Tools by Foreign Threat Groups
OpenAI’s latest “Disrupting Malicious Uses of AI” report shows that hackers and influence operators are moving toward a more…
OpenAI Disrupts Russian, North Korean, and Chinese Hackers Misusing ChatGPT for Cyberattacks
OpenAI on Tuesday said it disrupted three activity clusters for misusing its ChatGPT artificial intelligence (AI) tool to facilitate malware…
DraftKings warns of account breaches in credential stuffing attacks
Sports betting giant DraftKings has notified an undisclosed number of customers that their accounts had been hacked in a recent wave of…
Kibana Crowdstrike Connector Vulnerability Exposes Protected Credentials
Elastic has released a security advisory detailing a medium-severity vulnerability in the Kibana CrowdStrike Connector that could allow for…
⚡ Weekly Recap: Oracle 0-Day, BitLocker Bypass, VMScape, WhatsApp Worm & More
The cyber world never hits pause, and staying alert matters more than ever. Every week brings new tricks, smarter attacks, and fresh lessons…
CometJacking: One Click Can Turn Perplexity’s Comet AI Browser Into a Data Thief
Cybersecurity researchers have disclosed details of a new attack called CometJacking targeting Perplexity's agentic AI browser Comet by…
New Study Warns Several Free iOS and Android VPN Apps Leak Data
Millions who rely on free mobile Virtual Private Network (VPN) apps for online privacy may actually be putting their data at greater risk,…