Critical CVE-2025-9074 Docker Desktop Vulnerability Fix
A severe security vulnerability identified as CVE-2025-9074 has been discovered in Docker Desktop, exposing users to critical risks where malicious containers can gain unauthorized access…
Month: August 2025
Protecting Your AI-Powered Infrastructure — API Security
With innovation comes risk. As organizations race to build AI-first infrastructure, security is struggling to keep pace. Multi-Agentic Systems – those built on Large Language…
Dubai imposes fines on ADQ-supported cryptocurrency infrastructure provider.
Regulator probes Fuze Unauthorized activities identified Remediation plan in progress Fuze, a crypto infrastructure provider supported by significant regional and global investors, has been penalized…
Lowrys Farm owner, My Jewelry slammed as 138,000 Hongkongers hit in data leaks
Hong Kong’s privacy watchdog has ruled that three retailers, including the local branch of a Japanese multinational company that owns fashion brands Lowrys Farm and…
UNC5518 Group Hacks Legitimate Websites to Inject Fake Captcha That Tricks Users to Execute Malware
A sophisticated cybercrime operation has emerged, targeting unsuspecting internet users through a deceptive social engineering technique that exploits one of the web’s most trusted security…
UNC5518 Group Hacks Legitimate Sites with Fake Captcha to Deliver Malware
The financially motivated threat group UNC5518 has been infiltrating trustworthy websites to install ClickFix lures, which are misleading phony CAPTCHA pages, as part of a…
Key Findings from the Blue Report 2025
As security professionals, it’s easy to get caught up in a race to counter the latest advanced adversary techniques. Yet the most impactful attacks often…
Interview: Simon Goodyear, chief information and technology officer, Redwood Bank
As a youngster, Simon Goodyear believed there was nothing that couldn’t be solved with technology, and he is now applying this belief to his role…
Apple Patches Zero-Day In IOS 18.6.2 After Targeted Exploits
Apple on Wednesday released iPadOS/iOS 18.6.2, as a security update addressing a zero-day vulnerability— tracked as CVE-2025-43300. The company said, the bug has already been…
New SHAMOS Malware Attacking macOS Via Fake Help Websites to Steal Login Credentials
A sophisticated malware campaign targeting macOS users has emerged between June and August 2025, successfully attempting to compromise over 300 customer environments through deceptive help…
MITM6 + NTLM Relay Attack Enables Full Domain Compromise
Cybersecurity researchers are highlighting a dangerous attack technique that combines rogue IPv6 configuration with NTLM credential relay to achieve complete Active Directory domain compromise, exploiting…
A Scattered Spider member gets 10 years in prison
A Scattered Spider member gets 10 years in prison Pierluigi Paganini August 21, 2025 A 20-year-old Scattered Spider member gets 10 years in prison and…