Kudelski Security Research recently published an article detailing advanced methods for tracking and analyzing threat actor infrastructure, providing valuable insights into cyber attack patterns and…
A malicious Python Package Index (PyPI) package named “set-utils” has been stealing Ethereum private keys through intercepted wallet creation functions and exfiltrating them via the…
A critical security oversight in widely used Apache Airflow instances has exposed credentials for platforms like AWS, Slack, PayPal, and other services, leaving organizations vulnerable…
Business owners and CEOs across the United States received customized ransomware threats this month from the most unusual of places—letters in the mail. The letters,…
Dive Brief: Broadcom on Tuesday disclosed three zero-day vulnerabilities that affect multiple VMware products, including ESXi, Workstation and Fusion. The vulnerabilities have been exploited in…
Over 37,000 internet-exposed VMware ESXi instances are vulnerable to CVE-2025-22224, a critical out-of-bounds write flaw that is actively exploited in the wild. This massive exposure…
A newly disclosed critical vulnerability in Sitecore Experience Platform (CVE-2025-27218) allows unauthenticated attackers to execute arbitrary code on unpatched systems. The flaw, rooted in insecure…
Socket exposes a typosquatting campaign delivering malware to Linux and macOS systems via malicious Go packages. Discover the tactics used, including obfuscation and domain typosquatting,…
European cloud providers are being urged to adopt a newly created open source infrastructure management application programming interface (API) designed to make it easier for…
Starting mid-March 2025, Microsoft will start prompting users of its Microsoft 365 apps for Windows to back up their files to OneDrive. These prompts will…
With recent attack disclosures like Browser Syncjacking and extension infostealers, browser extensions have become a primary security concern at many organizations. SquareX’s research team discovers…
The National Health Service (NHS) has long been plagued by cybersecurity controversies, with one of the most notable incidents being the 2017 WannaCry ransomware attack…
