Hunted Labs Entercept combats software supply chain attacks
Hunted Labs announced Entercept, an AI-powered source code security platform that gives enterprises instant visibility into suspicious behavior from the people and code in their…
Month: May 2025
Threat actors use fake AI tools to deliver the information stealer Noodlophile
Threat actors use fake AI tools to deliver the information stealer Noodlophile Pierluigi Paganini May 12, 2025 Threat actors use fake AI tools to trick…
The Ongoing Risks of Hardcoded JWT Keys — API Security
In early May 2025, Cisco released software fixes to address a flaw in its IOS XE Software for Wireless LAN Controllers (WLCs). The vulnerability, tracked…
Defense contractors get a head start on CMMC audits
Listen to the article 3 min This audio is auto-generated. Please let us know if you have feedback. Dive Brief: Many federal contractors are initiating…
Mitel SIP Phone Flaws Allow Attackers to Inject Malicious Commands
A pair of vulnerabilities in Mitel’s 6800 Series, 6900 Series, and 6900w Series SIP Phones-including the 6970 Conference Unit-could enable attackers to execute arbitrary commands…
Anti-Ransomware Day 2025: Advice from the front line
The threat of ransomware continues to grow, with 150% more attacks this year compared to 2024. Organisations are scrambling to keep up with evolving tactics…
Husband Hacks Scammers Who Targeted His Wife, Gave USPS Investigators Info
Cybersecurity expert Grant Smith wasn’t about to let it slide when scammers tried bilking his wife through a phony U.S. Postal Service text. “I took it personally,”…
Compromised SAP NetWeaver instances are ushering in opportunistic threat actors
A second wave of attacks against the hundreds of SAP NetWeaver platforms compromised via CVE-2025-31324 is underway. “[The] attacks [are] staged by follow-on, opportunistic threat…
VMware Tools Vulnerability Allows Attackers to Modify Files and Launch Malicious Operations
Broadcom-owned VMware has released security patches addressing a moderate severity insecure file handling vulnerability in VMware Tools, tracked as CVE-2025-22247 with a CVSS base score…
Zero Trust in the Age of Digital Transformation: The New Cybersecurity Paradigm
With the digital transformation movement sweeping the world and cyber threats evolving simultaneously to pose greater and greater threats, today’s organizations are faced with two…
A Tool That Disables Windows Defender by Registering as an Antivirus
Cybersecurity developers have released a new tool called “defendnot,” a successor to the previously DMCA-takedown-affected “no-defender” project. This innovative utility leverages undocumented Windows Security Center…
Why Exposed Credentials Remain Unfixed—and How to Change That
Detecting leaked credentials is only half the battle. The real challenge—and often the neglected half of the equation—is what happens after detection. New research from…