The cybersecurity landscape has witnessed a significant evolution in attack techniques with North Korean threat actors adopting EtherHiding, a sophisticated method that leverages blockchain technology…
Netcraft recently uncovered a suspicious URL targeting GMO Aozora Bank, a Japanese financial institution. The URL leveraged a legacy web technique—Basic Authentication URL formatting—to visually…
In a recently uncovered campaign, the Mysterious Elephant advanced persistent threat (APT) group has executed a sophisticated series of intrusions against government and foreign policy…
The UK’s Information Commissioner’s Office has imposed a £14 million penalty on Capita following a major cyber attack in March 2023 that exposed the personal…
A targeted cyber-espionage campaign exploiting Windows Scheduled Tasks and DLL side-loading to deploy the sophisticated ValleyRAT backdoor. The operation pivots on tailored spear-phishing emails, weaponized…
Researchers at Cisco Talos have uncovered a sophisticated campaign by the Famous Chollima subgroup of Lazarus, wherein attackers deploy blended JavaScript tools—BeaverTail and OtterCookie—to carry…
A new phishing campaign impersonating LastPass is circulating today, October 13, 2025, aiming to deceive users into downloading malicious desktop software. Emails purporting to come…
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding an actively exploited vulnerability in Microsoft Windows. The flaw resides in the…
Qilin ransomware–an increasingly prolific ransomware-as-a-service (RaaS) operation–has intensified its global extortion campaigns by exploiting a covert network of bulletproof hosting (BPH) providers. These rogue hosting…
A newly disclosed vulnerability in Samba’s WINS server hook script enables unauthenticated attackers to run arbitrary commands on affected domain controllers. This critical flaw, tracked…
An important security flaw in Apache ActiveMQ’s .NET client library has put developers at risk of remote code execution. The vulnerability, tracked as CVE-2025-54539, exists…
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Adobe Experience Manager Forms vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, warning that…
