Weaponized ScreenConnect RMM Tool Deceives Users into Installing Xworm RAT
The SpiderLabs Threat Hunt Team recently discovered a cyber campaign in which threat actors used the genuine ScreenConnect remote management application as a weapon to…
Month: August 2025
TfNSW’s network services deal with Datacom hits $190m
Transport for NSW has added another $71 million to its ongoing managed network services arrangement with Datacom. Datacom secured the five-year outsourcing deal in July…
The Art Quality Tier List (AQTL)
I think I finally figured out what art is. Took me decades. Here’s my definition, which has two primary components: Indirect expression of something that…
Farmers Insurance Cyber Attack – 1.1 Million Customers Data Exposed in Salesforce Attack
Farmers Insurance Exchange and its subsidiaries recently disclosed a significant security incident that compromised personal information of approximately 1.1 million customers through an unauthorized access…
Innovator Spotlight: ManageEngine – Cyber Defense Magazine
Unifying IT Management and Security with ManageEngine In today’s digital landscape, IT can feel like juggling flaming torches, one wrong move and the consequences can…
Check Point Named Leader in Gartner 2025 Magic Quadrant for Hybrid Mesh Firewalls
Check Point Software has been recognized as a Leader in the 2025 Gartner® Magic Quadrant for Hybrid Mesh Firewalls, with the research firm citing the…
SquareX Discloses Major Passkey Vulnerability at DEF CON 33
It is no secret that passwords are highly susceptible to phishing and brute force attacks. This led to the mass adoption of passkeys, a passwordless…
Policy, SOPs, and AI Are All You Need
I think InfoSec—and in fact business management in general—is evolving into the combination of four things: Policy (entity identity/goals) State (assets, configuration) SOPs (approved execution…
Salesloft Drift compromised en masse, impacting all third-party integrations
Salesloft Drift customers are compromised in a much more expansive downstream attack spree than previously thought, potentially ensnaring any user that integrated the AI chat…
South Korea Arrests Suspected Chinese Hacker Stolen Tens of Millions of Dollars from Victims
South Korean authorities have successfully extradited a Chinese national suspected of orchestrating one of the most sophisticated hacking operations targeting high-profile individuals and financial institutions.…
Anthropic Blocks Hackers Attempting to Exploit Claude AI for Cyber Attacks
Anthropic, a leading AI research company, has successfully disrupted multiple attempts by cybercriminals to misuse its Claude AI model for sophisticated cyberattacks, as detailed in…
CISA Adds Citrix and Git Flaws to KEV Catalogue Amid Active Exploitation
CISA has added three actively exploited vulnerabilities in Citrix and Git to its KEV Catalogue. Federal agencies must patch the flaws by September 15, 2025.…