XCSSET Malware Mutates Again, Expands Reach To Firefox
Microsoft researchers say the long-running XCSSET malware has resurfaced with a new arsenal of tricks aimed at stealing data, persisting on devices, and hijacking cryptocurrency…
Month: September 2025
Product comparison: Detectify vs. Burp Enterprise
Burp Enterprise Pros: Offers granular control and customization to fit the distinct needs of a mature security program. Empowers expert teams with a strong DAST…
New Malicious Rust Crates Impersonating fast_log to Steal Solana and Ethereum Wallet Keys
Cybercriminals have launched a sophisticated supply chain attack targeting cryptocurrency developers through malicious Rust crates designed to steal digital wallet keys. Two fraudulent packages, faster_log…
Hackers Breach Active Directory, Steal NTDS.dit for Full Domain Compromise
Threat actors recently infiltrated a corporate environment, dumped the AD database file NTDS.dit, and nearly achieved full domain control. AD acts as the backbone of…
Recent Fortra GoAnywhere MFT Vulnerability Exploited as Zero-Day
Exploitation of a recently disclosed Fortra GoAnywhere MFT vulnerability started at least one week before patches were released, cybersecurity firm watchTowr reports. Fortra fixed the…
Product update: Dynamic API Scanning, Recommendations and Classifications, and more
We know the importance of staying ahead of threats. At Detectify, we’re committed to providing you with the tools you need to secure your applications…
Critical Cisco Vulnerability Let Remote Attackers Execute Arbitrary Code on Firewalls and Routers
Cisco warns of a Critical remote code execution flaw in web services across multiple Cisco platforms. Tracked as CVE-2025-20363 (CWE-122), this vulnerability carries a CVSS…
Unveiling LummaStealer’s Technical Details Through ML-Based Detection Approach
In early 2025, LummaStealer was in widespread use by cybercriminals targeting victims throughout the world in multiple industry verticals, including telecom, healthcare, banking, and marketing.…
The Real Cost of OT Cyber: Why Process-Level Security Is a Financial Decision
The threat of an OT cyber-attack isn’t just an operational risk. It’s also a financial one. Companies across critical infrastructure and process industries spend billions…
AI infrastucture provider Nscale secures $1.1bn in series B funding
Artificial intelligence (AI) infrastructure provider Nscale has secured $1.1bn in series B funding, a week after it was announced the firm would be working with…
An LLM-Driven Malware for Dynamic Reconnaissance and Data Exfiltration
A novel AI-driven threat leverages LLMs on Hugging Face to execute adaptive reconnaissance and data exfiltration in real time. Rather than relying on static scripts…
Google warns of Brickstorm backdoor targeting U.S. legal and tech sectors
Google warns of Brickstorm backdoor targeting U.S. legal and tech sectors Pierluigi Paganini September 26, 2025 China-linked actors used Brickstorm malware to spy on U.S.…