All Microsoft Entra Tenants Were Exposed to Silent Compromise via Invisible Actor Tokens: Researcher
The strength of responsible disclosure is that it can solve problems before they are actioned. The weakness is that it...
Read more →News Archive
View All →
A suspected Scattered Spider member suspect detained for casino network attacks
A suspected Scattered Spider member suspect detained for casino network attacks Pierluigi Paganini September 23, 2025 A suspected Scattered Spider...
Read more →
EV Charging Provider Confirm Data Breach
Digital Charging Solutions GmbH (DCS), a leading provider of white-label charging services for automotive OEMs and fleet operators, has confirmed...
Read more →
How to Use 1Password’s Travel Mode at the Border (2025)
Enter VeraCrypt. It’s a free, open source encryption app that can encrypt full drives, as well as operating system partitions,...
Read more →
Zloader Malware Used as Gateway for Ransomware Deployment in Corporate Networks
Zloader, a sophisticated Zeus-based modular trojan that first emerged in 2015, has undergone a significant transformation from its original banking-focused...
Read more →
Inc Ransomware Claims 5.7 TB of Data Theft at Pennsylvania Attorney General
The notorious Inc ransomware group has taken responsibility for an August 2025 data breach at the Pennsylvania Attorney General’s office....
Read more →
Blackdot Videris Automate uses AI to speed OSINT, risk detection, and decision-making
Blackdot Solutions unveiled Videris Automate, a platform that delivers new AI capabilities to automate investigations and screening processes. The launch...
Read more →
‘Our worst day’: The untold story of the Electoral Commission cyber attack
Your worst day can begin so innocuously – you leave home, you stop to pick up your coffee order, you...
Read more →
Top 25 MCP Vulnerabilities Reveal How AI Agents Can Be Exploited
MCP has become an integral part of the expansion of agentic AI but comes with its own vulnerabilities. Model Context...
Read more →
$150K awarded for L1TF Reloaded exploit that bypasses cloud mitigations
$150K awarded for L1TF Reloaded exploit that bypasses cloud mitigations Pierluigi Paganini September 23, 2025 Researchers earned $150K for “L1TF...
Read more →
NPM package caught using QR Code to fetch cookie-stealing malware
Newly discovered npm package ‘fezbox’ employs QR codes to retrieve cookie-stealing malware from the threat actor’s server. The package, masquerading as a...
Read more →
GitHub Enhances NPM’s Security with Strict Authentication, Granular Tokens, and Trusted Publishing
Recent High-profile supply‐chain attacks have exposed critical weaknesses in package registry security, prompting GitHub to roll out a suite of...
Read more →