Why We Built a Museum Instead of a Booth — API Security
Think you know what to expect from a conference booth? Think again. Forget the cliches: the swag destined for the back of your wardrobe, the…
Latest Cybersecurity News — Page 1657
View all →
Hackers Can Manipulate BitLocker Registry Keys Via WMI to Execute Malicious Code as Interactive User
A novel lateral movement technique that exploits BitLocker’s Component Object Model (COM) functionality to execute malicious code on target systems. The technique, demonstrated through the…
The US Military Is Raking in Millions From On-Base Slot Machines
When Dave Yeager stumbled upon the chamber of shiny, casino-style slot machines, he felt an instant pull. It was his first night of deployment in…
ShadowSyndicate infrastructure Used by Multiple ransomware Groups Including Cl0p, LockBit and RansomHub
Cybersecurity researchers have uncovered significant overlaps between the attack infrastructure of ShadowSyndicate, also known as Infra Storm by Group-IB, and several prominent ransomware-as-a-service (RaaS) operations.…
The Wild West of Shadow IT
Everyone’s an IT decision-maker now. The employees in your organization can install a plugin with just one click, and they don’t need to clear it…
Mozilla warns of phishing attacks targeting add-on developers
Mozilla has warned browser extension developers of an active phishing campaign targeting accounts on its official AMO (addons.mozilla.org) repository. Mozilla’s add-on platform hosts over 60,000…
Critical HashiCorp Vulnerability Execute Arbitrary Code on Underlying Host
A critical HashiCorp security vulnerability affecting Vault Community Edition and Enterprise versions could allow privileged operators to execute arbitrary code on underlying host systems. The…
North Korea Hiding Malware Within JPEG Files to Attack Windows Systems Bypassing Detections
Security researchers at Genians Security Center have uncovered a sophisticated new variant of the RoKRAT malware, attributed to the North Korean-linked APT37 threat group, which…
Interview: How ITSM helps deliver results at McLaren Racing
The Formula 1 (F1) teams at had a two-week break before heading to Circuit de Spa-Francorchamps (Spa) for the Belgium Grand Prix, but there is…
Nation-state group CL-STA-0969 targeted Southeast Asian telecoms in 2024
Nation-state group CL-STA-0969 targeted Southeast Asian telecoms in 2024 Pierluigi Paganini August 04, 2025 State-backed group CL-STA-0969 hit Southeast Asian telecoms in 2024, targeting critical…
AI-Powered Code Editor Cursor IDE Vulnerability Enables Remote Code Without User Interaction
A severe vulnerability in the popular AI-powered code editor Cursor IDE, dubbed “CurXecute,” allows attackers to execute arbitrary code on developers’ machines without any user…
Lovense flaws expose emails and allow account takeover
Lovense flaws expose emails and allow account takeover Pierluigi Paganini August 04, 2025 Lovense fixed bugs exposing emails and allowing account takeovers. Company CEO may…