Threat actors have exploited a critical Remote Code Execution (RCE) vulnerability, identified as CVE-2025-32432, in the Craft Content Management System (CMS). Discovered by Orange Cyberdefense…
May 27, 2025Ravie LakshmananCloud Security / Threat Intelligence Misconfigured Docker API instances have become the target of a new malware campaign that transforms them into…
Amazon Web Services (AWS) has become the lifeblood of millions of modern businesses, both big and small. But while this popular cloud platform enables them…
A sophisticated phishing campaign targeting Italian and U.S. users through fake Microsoft OneNote login prompts designed to harvest Office 365 and Outlook credentials. The attack…
A recent investigation by security analysts has uncovered a persistent phishing campaign targeting Italian and U.S. users, utilizing a chain of free cloud platforms and…
Internal and external comms are an age-old minefield for security leaders, with teams balancing security with usability. In some cases, insecure comms systems can turn…
U.S. authorities on Thursday charged 16 defendants in a massive global operation to disrupt the Russia-based cybercrime group behind the DanaBot malware. DanaBot infected more…
APIs are the new highways of the internet. They’re fast, powerful, and make everything run until someone sneaks in and crashes the system. That’s the…
Microsoft Threat Intelligence Center (MSTIC) has issued a critical warning about a cluster of global cloud abuse activities orchestrated by a threat actor tracked as…
Global sportswear giant Adidas has confirmed that it has fallen victim to a cyber attack, with customer data stolen in the incident. The company revealed…
Following on from the EuroHPC Joint Undertaking (EuroHPC JU) signed earlier this May, the government has opened up applications for public research organisations to host…
Microsoft on Tuesday published technical documentation on a new Russia-linked espionage outfit it calls “Void Blizzard,” warning that the group has spent the past year…
