Massive NPM Supply Chain Attack Earned Attackers Only $600
A massive NPM supply chain attack that hit about 10% of all cloud environments yielded little for the hackers who...
Read more →Category: DarkReading
SAP Patches Critical CVE-2025-42944 In NetWeaver
SAP has released a new security update addressing a broad range of vulnerabilities across its product ecosystem. Among the most...
Read more →
FTC Urged To Investigate Microsoft On Outdated RC4 Encryption And Kerberoasting Flaws
A fresh firestorm has erupted over Microsoft’s handling of cybersecurity risks, with U.S. Senator Ron Wyden (D-OR) calling on the...
Read more →
SonicWall SSL VPN Flaw CVE-2024-40766 Actively Exploited
The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has issued an urgent alert regarding active exploitation of a...
Read more →
LockerGoga, MegaCortex, Nefilim Ransomware Mastermind On Europe’s Most Wanted List
The U.S. Department of Justice has unsealed charges against Ukrainian national for administering the LockerGoga, MegaCortex, and Nefilim ransomware operations,...
Read more →
Apple Introduces Memory Integrity Enforcement In IPhone 17 To Fight Spyware Exploits
Apple has introduced Memory Integrity Enforcement (MIE), a system-wide security feature designed to crush one of the most persistent threats...
Read more →
Critical Adobe Commerce Flaw CVE-2025-54236 Alert
Adobe has issued an urgent security advisory, specifically for CVE-2025-54236, also known as SessionReaper, affecting Adobe Commerce and Magento Open-Source...
Read more →
Patch Tuesday September 2025 Fixes Risky Kernel Flaws
Three high-risk Windows kernel flaws were among the fixes included in Microsoft’s September 2025 Patch Tuesday updates released today. In...
Read more →
New Linux Botnet Combines Cryptomining And DDoS Attacks
Cyble threat intelligence researchers have identified a sophisticated Linux botnet built for cryptocurrency mining, remote command execution, and dozens of...
Read more →
Black Hat USA 2025 CISO Podcast Series Ep-6 Goes Live
Artificial Intelligence (AI) is no longer just a buzzword in cybersecurity—it has become a practical and powerful tool that enterprises...
Read more →
Salesloft Drift Cyberattack Hits Major Tech Companies
A Salesloft Drift cyberattack has compromised the Salesforce environments of numerous organizations, exposing customer data and credentials in a growing...
Read more →
Jaguar Land Rover Cyberattack Halts Global Production
Jaguar Land Rover (JLR) has been forced to extend the shutdown of its UK manufacturing operations following a cyberattack on...
Read more →