Vulnerability reports: Increase in quantity, decrease in quality?
The concept of the bug bounty is relatively simple: a researcher probes networks and applications for potential vulnerabilities, finds one, and reports it to the…
Author: Cybernoz
US medical device maker Stryker’s Microsoft environment attacked
An Iranian-linked hacking group has claimed responsibility for a destructive cyberattack on US-based medical device and services provider Stryker, according to messages posted to the…
Securing Unstructured Data in the Era of AI
Beyond File Servers: Securing Unstructured Data in the Era of AI Pierluigi Paganini March 13, 2026 File servers still exist for legacy storage and governance,…
Telus Digital hit with massive data breach
In other words, he said, the systems likely trusted the attacker, noting that, based on publicly available details, this incident aligns with a growing class…
Third-Party Risk Statistics
Key Takeaways Third-party risk is escalating. In 2024, 30% of breaches involved a third-party vendor, twice as much as the previous year. Static assessments are…
Remote Monitoring and Management Tools: A Gateway for Bulk Attacks on MSP Customers, Pt. 2
In mid-June, Huntress saw an incident where a threat actor compromised an MSP’s Remote Monitoring and Management (RMM) tool in an attempt to target three…
AppsFlyer Web SDK hijacked to spread crypto-stealing JavaScript code
The AppsFlyer Web SDK was temporarily hijacked this week with malicious code used to steal cryptocurrency in a supply-chain attack. The payload can intercept cryptocurrency…
Authorities Dismantle Malicious Proxy Service Used to Deploy Malware Attacking Thousands of Users
Authorities Dismantle Malicious Proxy Service An international law enforcement operation led by the U.S. Justice Department has successfully dismantled SocksEscort, a massive residential proxy network.…
Storm-2561 Uses SEO Poisoning, Fake Signed VPN Apps to Steal Enterprise Credentials
A financially motivated threat actor tracked as Storm-2561 is running a credential theft campaign that abuses SEO poisoning and fake, signed VPN installers to steal…
Feds Dismantle SocksEscort Proxy Network Used in Global Fraud
A coordinated international law enforcement operation has dismantled SocksEscort (socksescort.com), a large proxy service that routed cybercriminal traffic through thousands of compromised home and small…
ENISA advisory examines package manager security risks
Developers install external libraries with a single command, and that step can introduce more code than expected into a project environment. Dependency resolution inside package…
Meta rolls out anti-scam tools across WhatsApp, Facebook, and Messenger
Meta has rolled out more anti-scam protections across WhatsApp, Facebook, and Messenger to fight sophisticated fraud tactics. The features will help stop celebrity impersonators and…