Phishers abuse Google OAuth to spoof Google in DKIM replay attack
In a rather clever attack, hackers leveraged a weakness that allowed them to send a fake email that seemed delivered from Google’s systems, passing all…
Month: April 2025
Hackers Exploit Stolen Certificates and Private Keys to Breach Organizations
Recent research has unveiled a concerning vulnerability within the realm of containerized applications, where threat actors are leveraging stolen certificates and private keys to infiltrate…
Profit vs. The Middle Class
Both the left and the right talk about the health of the middle class as a key indicator of American prosperity, but they fail to…
WordPress ad-fraud plugins generated 1.4 billion ad requests per day
A large-scale ad fraud operation called ‘Scallywag’ is monetizing pirating and URL shortening sites through specially crafted WordPress plugins that generate billions of daily fraudulent…
RedGolf Hackers Linked to Fortinet Zero-Day Exploits and Cyber Attack Tools
Security researchers have linked the notorious RedGolf hacking group to a wave of exploits targeting Fortinet firewall zero-days and the deployment of custom cyber attack…
Senators Introduce Bipartisan Bill To Strengthen Cybersecurity
U.S. Senators Gary Peters (D-MI) and Mike Rounds (R-SD) have introduced a bipartisan bill to extend vital provisions from the Cybersecurity Information Sharing Act of…
UL Top 10 AI Risks (v1)
Given the speed of AI improvement and adoption, it’s hard for most people to know what to be concerned about, and what to do about…
Déjà Vu: What Cloud Adoption Can Teach Us About AI in Cybersecurity
The launch of ChatGPT undeniably marked a turning point in the technological landscape, ushering in the era of readily accessible and powerful Large Language Models…
Critical PyTorch Vulnerability Allows Hackers to Run Remote Code
A newly disclosed critical vulnerability (CVE-2025-32434) in PyTorch, the widely used open-source machine learning framework, allows attackers to execute arbitrary code on systems loading AI…
North Korea, Iran, Russia-Backed Hackers Deploy ClickFix in New Attacks
Government-backed hacking groups from North Korea (TA427), Iran (TA450), and Russia (UNK_RemoteRogue, TA422) are now using the ClickFix technique in their espionage campaigns. Learn about…
The Main Difference I See Between Today’s Liberals and Conservatives
Image: Erin Schell There are many differences between liberal and conservative belief systems, but one of them serves as foundation to all the others: for…
Hackers Bypassed Windows Defender Policies Using WinDbg Preview via Microsoft Store
A newly documented technique reveals how attackers can exploit the WinDbg Preview debugger to bypass even the strictest Windows Defender Application Control (WDAC) policies, raising…