CISA has issued an Emergency Directive mandating immediate action to mitigate two critical zero-day vulnerabilities, CVE-2025-20333 and CVE-2025-20362, actively exploited against Cisco Adaptive Security Appliances (ASA) and select Firepower…
CloudSEK has uncovered a sophisticated Loader-as-a-Service botnet campaign spanning the last six months, leveraging exposed command-and-control logs to orchestrate attacks against SOHO routers, embedded Linux…
A large cache of medical and personal information belonging to patients of Archer Health Inc. was left publicly accessible after a database was found online…
Sep 26, 2025Ravie LakshmananMalware / Browser Security Cybersecurity researchers have discovered an updated version of a known Apple macOS malware called XCSSET that has been…
An updated variant of the sophisticated XCSSET macOS malware is monitoring the system clipboard to hijack cryptocurrency transactions, Microsoft warns. First observed in the wild…
Nessus Pros Authenticated scanning of internal assets (workstations, network devices). Widely accepted for compliance and audit reporting (e.g., PCI DSS). Cons Core strength is infrastructure,…
In late 2024, a new wave of cyber espionage emerged targeting global telecommunications infrastructure. Operating under the moniker Salt Typhoon, this Chinese state-sponsored group has…
A loosely connected cybercrime supergroup is exploiting social engineering to compromise Fortune 100 organizations and government agencies. LAPSUS$, Scattered Spider, and ShinyHunters—three of the most…
Sep 26, 2025Ravie LakshmananVulnerability / Threat Intelligence Cybersecurity company watchTowr Labs has disclosed that it has “credible evidence” of active exploitation of the recently disclosed…
Amazon is part of a coalition focused on ensuring artificial intelligence (AI) datacentres use water as efficiently as possible, amid growing concerns about the environmental…
Microsoft researchers say the long-running XCSSET malware has resurfaced with a new arsenal of tricks aimed at stealing data, persisting on devices, and hijacking cryptocurrency…
Burp Enterprise Pros: Offers granular control and customization to fit the distinct needs of a mature security program. Empowers expert teams with a strong DAST…
