10 Years of the Same Mistake
CVE-2025-55182 Intelligence Card c/o Recorded Future There are now multiple publicly available exploit scripts (I forked one on GitHub here) for the React and Next.js…
Executive summary Since the inception of ClickFix last year, this malicious copy-and-paste technique has become an initial access vector of choice for threat actors looking…
Happy Cybersecurity Awareness Month to all who observe. There have now been 21 years of this momentous occasion. Twenty-one years! Old enough to buy…
A “widespread” technology issue with the online platform used for NAPLAN standardised testing has forced schools to pause tests on the first day. Around 1.4…
Key Points Iran-linked actors are increasingly engaging with the cyber crime ecosystem. Their activity suggests a growing reliance on criminal tools, services, and operational models…
Cloudflare Turnstile challenges leading to MetaStealer. Deepfake meetings impersonating company executives, which trick employees into downloading malicious extensions. Exposed ASP.NET machine keys that open the…
Ivanti has issued a security update for its Desktop and Server Management (DSM) software, addressing a high-severity vulnerability that could allow a local authenticated attacker…
Microsoft Corp. today pushed security updates to fix at least 77 vulnerabilities in its Windows operating systems and other software. There are no pressing “zero-day”…
Microsoft Patch Tuesday security updates for March 2026 fixed 84 bugs Pierluigi Paganini March 10, 2026 Microsoft Patch Tuesday security updates for March 2026 addressed…
Satnam Narang, senior staff research engineer at Tenable, commented on the fix for Azure Model Context Protocol (MCP) tools. “This bug is a server-side request…
One of the most effective ways to stop a cyberattack is to implement a security awareness training program. Every employee, from the C-suite to the…
For more than a year, a Russian-speaking threat actor targeted human resource (HR) departments with malware that delivers a new EDR killer named BlackSanta. Described as…