In a newly uncovered campaign, the threat group known as Bitter—also tracked as APT-Q-37—has leveraged both malicious Office macros and a previously undocumented WinRAR path…
Elastic released Agent Builder, a complete set of capabilities powered by Elasticsearch, that makes it easy for developers to build custom AI agents on company…
Monolock ransomware has surfaced in underground forums, with threat actors advertising version 1.0 for sale alongside stolen corporate credentials. First detected in late September, the…
Over the past week, cybersecurity professionals have been gripped by the emergence of GlassWorm, a highly sophisticated, self-propagating malware campaign targeting VS Code extensions on…
Oct 22, 2025Ravie LakshmananCyber Espionage / Network Security Government, financial, and industrial organizations located in Asia, Africa, and Latin America are the target of a…
Government departments in Sweden are considering deploying “open network” encrypted messaging services as an alternative to proprietary collaboration tools. Some 40 of Sweden’s government agencies…
A sneaky hacking campaign where attackers used publicly available ASP.NET machine keys to break into Windows IIS web servers. These keys, meant to protect web…
On October 6, 2025, the cybercriminal developer known as “Loadbaks” announced the release of Vidar Stealer v2.0 on underground forums, introducing a sophisticated information-stealing malware…
Keycard emerged from stealth with its identity and access platform for AI agents that integrates with organizations’ existing user identity solutions. Keycard’s platform identifies AI…
Oct 22, 2025Ravie LakshmananVulnerability / Data Protection Cybersecurity researchers have disclosed details of a high-severity flaw impacting the popular async-tar Rust library and its forks,…
A cyberattack on hospitals in North Central Massachusetts has caused major operational disruptions at Heywood Hospital in Gardner and Athol Hospital, a smaller critical access…
A critical authorization bypass vulnerability has emerged in ZYXEL’s ATP and USG series network security appliances, allowing attackers to circumvent two-factor authentication protections and gain…
