Phishing has quietly turned into one of the hardest enterprise threats to expose early. Instead of crude lures and obvious payloads, modern campaigns rely on trusted infrastructure,...
Another Thursday, another pile of weird security stuff that somehow happened in just seven days. Some of it is clever. Some of it is lazy. A few bits fall into that uncomfortable category of...
This week, Joe talks about allyship and how being aware of an issue is the first step in helping to fix it.
A bipartisan bill would force the FBI to get a warrant to read Americans’ messages and ban the federal purchase of commercial data on US residents ahead of a critical April deadline.
[Control systems] ABB security advisory (AV26-232)
Zoom security advisory (AV26-231)
GitHub security advisory (AV26-230)
Still, out of an abundance of caution, Loblaw says it has automatically logged out all customers from their accounts. Account holders who need to access the company's digital services will have to...
In 2024, threat actors were already abusing URL rewriting mechanisms in phishing campaigns to mask malicious domains. Between the second and fourth quarters of 2025, LevelBlue SpiderLabs...
Handala Hack, also tracked by Check Point Research as Void Manticore, is an Iranian threat actor that is known for multiple destructive wiping attacks combined with “hack...
The most dangerous phishing campaigns aren’t just designed to fool employees. Many are designed to exhaust the analysts investigating them. When a phishing investigation takes 12 hours instead of...
The botnet, which compromised routers and IoT devices in 163 countries, claimed about 369,000 victims and $5.8 million from its cybercriminal customers, officials said.
England Hockey, the governing body for field hockey in England, is investigating a potential data breach after the AiLock ransomware gang listed it as a victim on its data leak site. [...]
Veeam security advisory (AV26-229)
International cops struck down 23 servers in 7 countries. Cops from eight countries this week disrupted SocksEscort, a residential proxy service used by criminals to compromise hundreds of thousands...
Palo Alto Networks security advisory (AV26-228)
Amid a paralyzing breach of medical tech firm Stryker, the group has come to represent Iran's use of “hacktivism” as cover for chaotic, retaliatory state-sponsored cyberattacks.
A new malware strain dubbed Slopoly, likely created using generative AI tools, allowed a threat actor to remain on a compromised server for more than a week and steal data in an Interlock...
Apple on Wednesday backported fixes for a security flaw in iOS, iPadOS, and macOS Sonoma to older versions after it was found to be used as part of the Coruna exploit kit. The vulnerability,...
The cybersecurity implications of the war in the Middle East extend far beyond the region. Here’s where to focus your defenses.
No rest for project maintainers battered by slew of vulnerability disclosures. The US Cybersecurity and Infrastructure Security Agency (CISA) has confirmed that hackers are exploiting a...
The era of autonomous warfare will not announce itself with robotic armies marching across battlefields. Instead, it is already emerging, quietly and inexorably, in the skies and fields of eastern...
Angelo Martino is accused of playing both sides — committing attacks and conducting ransomware negotiations on some of the same cases on behalf of his former employer.
Cybersecurity researchers have discovered half-a-dozen new Android malware families that come with capabilities to steal data from compromised devices and conduct financial fraud. The Android...
The new national cyber strategy is light on details, and implementation details could come in the form of executive orders and other actions to advance implementation of the White House’s goals....
Iran targeted the world’s busiest international airport Wednesday and attacked commercial ships as U.S. and Israeli strikes rocked Tehran, while the United Nations’ most powerful body demanded a...
Splunk security advisory (AV26-227)
Russia is helping Iran with advanced drone tactics from its war in Ukraine to hit U.S. and Gulf nation targets in the Middle East, according to a Western intelligence official. Shahed drones,...
A hacktivist group with links to Iran’s intelligence agencies is claiming responsibility for a data-wiping attack against Stryker, a global medical technology company based in Michigan. News...
Data protection company Veeam Software has patched multiple flaws in its Backup & Replication solution, including four critical remote code execution (RCE) vulnerabilities. [...]