The CTEM Conversation We All Need
Jun 24, 2025Ravie LakshmananThreat Exposure Management I had the honor of hosting the first episode of the Xposure Podcast live from Xposure Summit 2025. And…
Category: TheHackerNews
Hackers Exploit Misconfigured Docker APIs to Mine Cryptocurrency via Tor Network
Jun 24, 2025Ravie LakshmananCloud Security / Cryptojacking Misconfigured Docker instances are the target of a campaign that employs the Tor anonymity network to stealthily mine…
APT28 Uses Signal Chat to Deploy BEARDSHELL Malware and COVENANT in Ukraine
Jun 24, 2025Ravie LakshmananMalware / Threat Intelligence The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new cyber attack campaign by the…
U.S. House Bans WhatsApp on Official Devices Over Security and Data Protection Issues
Jun 24, 2025Ravie LakshmananData Protection / Mobile Security The U.S. House of Representatives has formally banned congressional staff members from using WhatsApp on government-issued devices,…
China-linked Salt Typhoon Exploits Critical Cisco Vulnerability to Target Canadian Telecom
Jun 24, 2025Ravie LakshmananCyber Espionage / Chinese Hackers The Canadian Centre for Cyber Security and the U.S. Federal Bureau of Investigation (FBI) have issued an…
DHS Warns Pro-Iranian Hackers Likely to Target U.S. Networks After Iranian Nuclear Strikes
Jun 23, 2025Ravie LakshmananHacktivism / Cyber Warfare The United States government has warned of cyber attacks mounted by pro-Iranian groups after it launched airstrikes on…
Echo Chamber Jailbreak Tricks LLMs Like OpenAI and Google into Generating Harmful Content
Jun 23, 2025Ravie LakshmananLLM Security / AI Security Cybersecurity researchers are calling attention to a new jailbreaking method called Echo Chamber that could be leveraged…
XDigo Malware Exploits Windows LNK Flaw in Eastern European Government Attacks
Jun 23, 2025Ravie LakshmananCyber Espionage / Vulnerability Cybersecurity researchers have uncovered a Go-based malware called XDigo that has been used in attacks targeting Eastern European…
How AI-Enabled Workflow Automation Can Help SOCs Reduce Burnout
It sure is a hard time to be a SOC analyst. Every day, they are expected to solve high-consequence problems with half the data and…
Google Adds Multi-Layered Defenses to Secure GenAI from Prompt Injection Attacks
Google has revealed the various safety measures that are being incorporated into its generative artificial intelligence (AI) systems to mitigate emerging attack vectors like indirect…
Scattered Spider Behind Cyberattacks on M&S and Co-op, Causing Up to $592M in Damages
Jun 21, 2025Ravie LakshmananCyber Attack / Critical Infrastructure The April 2025 cyber attacks targeting U.K. retailers Marks & Spencer and Co-op have been classified as…
Qilin Ransomware Adds “Call Lawyer” Feature to Pressure Victims for Larger Ransoms
The threat actors behind the Qilin ransomware-as-a-service (RaaS) scheme are now offering legal counsel for affiliates to put more pressure on victims to pay up,…