LunaLock Ransomware Attacking Artists to Steal and Encrypt Data
LunaLock, a newly surfaced ransomware strain, has launched a targeted campaign against independent artists and their clients, demanding a hefty ransom in exchange for stolen…
Month: September 2025
iCloud Calendar infrastructure abused in PayPal phishing campaign
Once again, phishers are targeting PayPal users by abusing existing legitimate infrastructure. Only this time they’re not abusing PayPal’s platform, but iCloud Calendar invites. Our…
Roblox Turns To AI-Based Age Estimation For All Communication-Ready Users
Roblox is rolling out a bold move to bolster child protection on its platform. In a Safety + Civility update, Chief Safety Officer Matt Kaufman…
Hackers Weaponizee Amazon Simple Email Service to Send 50,000+ Malicious Emails Per Day
A sophisticated cybercriminal campaign has emerged, exploiting Amazon’s Simple Email Service (SES) to orchestrate large-scale phishing operations capable of delivering over 50,000 malicious emails daily.…
Finding Agility in Post Quantum Encryption (PQC)
In an era where data security is paramount, current encryption algorithms are sufficient to safeguard sensitive information. However, the advent of quantum computing, especially in…
Kimsuky Hackers’ Playbook Uncovered in Exposed ‘Kim’ Data Dump
A rare breach attributed to a North Korean–affiliated actor named “Kim” by the leakers has unveiled unprecedented insight into Kimsuky (APT43) operations. Dubbed the “Kim”…
Breaking Into Cybersecurity Without A Technical Degree
Cybercrime damages are projected to reach $10.5 trillion USD globally by 2025, according to Cybersecurity Ventures, and organizations need more cybersecurity professionals. Traditional entry barriers, such…
Researchers Bypassed Web Application Firewall With JS Injection with Parameter Pollution
Cybersecurity researchers have demonstrated a sophisticated technique for bypassing Web Application Firewalls (WAFs) using JavaScript injection combined with HTTP parameter pollution, exposing critical vulnerabilities in…
Hackers Exploit Amazon SES to Blast Over 50,000 Malicious Emails Daily
A sophisticated cyberattack campaign where threat actors exploited compromised AWS credentials to hijack Amazon’s Simple Email Service (SES), launching large-scale phishing operations capable of sending…
iExec Becomes First Privacy Tools Provider for Arbitrum Ecosystem Builders
Paris, France, 2025 – iExec has announced the deployment of its privacy framework on Arbitrum, enabling the creation of powerful applications enhanced with confidential computing…
PoC Exploit Released for ImageMagick RCE Vulnerability
A proof-of-concept (PoC) exploit has been released for a critical remote code execution (RCE) vulnerability in ImageMagick 7’s MagickCore subsystem, specifically affecting the blob I/O (BlobStream) implementation.…
Web Application Firewall Bypassed via JS Injection with Parameter Pollution
In a recent autonomous penetration test, a novel cross-site scripting (XSS) bypass that sidesteps even highly restrictive Web Application Firewalls (WAFs). Security researchers uncovered a…