Cyble Research and Intelligence Labs (CRIL) has recently uncovered a malicious crypto phishing campaign where more than 20 malicious applications on the Google Play Store were designed to target...

This is a weekly threat intelligence report review from RST Cloud. This week, we analysed 75 threat intelligence reports and compiled a brief summary of each, along with the pertinent metadata...

Honeywell’s 2025 Cybersecurity Threat Report reveals energy, manufacturing and other critical industrial sectors face significant escalation in threats.

A financially motivated group of hackers known as UNC6040 is using a surprisingly simple but effective tactic to…

Cybersecurity researchers have flagged a supply chain attack targeting over a dozen packages associated with GlueStack to deliver malware. The malware, introduced via a change to...

Cybersecurity researchers have shed light on a new campaign targeting Brazilian users since the start of 2025 to infect users with a malicious extension for Chromium-based web browsers and siphon...

One IP to 250 IoC - The Power of Pivoting

A new variant of the Mirai malware botnet is exploiting a command injection vulnerability in TBK DVR-4104 and DVR-4216 digital video recording devices to hijack them. [...]

Introduction On 6 June 2025, the Council of the European Union adopted a revised Cybersecurity Blueprint through Council... The post The EU’s Cybersecurity Blueprint and the Future of Cyber Crisis...

As the manufacturing sector increasingly adopts digital transformation, cybersecurity has become a core requirement, not just for protecting... The post Manufacturing cybersecurity strategies come...

In a White House fact sheet, the administration claims that Biden’s Executive Order 14144 — signed days before the end of his presidency — was an attempt “to sneak problematic and distracting...

Over 20 malicious apps on Google Play are stealing crypto seed phrases by posing as trusted wallets and exchanges, putting users' funds at risk.

A significant supply chain attack hit NPM after 15 popular Gluestack packages with over 950,000 weekly downloads were compromised to include malicious code that acts as a remote access trojan (RAT). [...]

Plus: A 22-year-old former intern gets put in charge of a key anti-terrorism program, threat intelligence firms finally wrangle their confusing names for hacker groups, and more.

Two malicious packages have been discovered in the npm JavaScript package index, which masquerades as useful utilities but, in reality, are destructive data wipers that delete entire application...

In June 2022, the Japanese record chain store Disk Union suffered a data breach. The incident exposed 690k unique email addresses along with names, post codes, phone numbers and plain text passwords.

The daily grind in a SOCIt’s 2 a.m. The SIEM lights up with alerts that all look the same. Your overnight analyst yawns, wondering which one hides real danger. Ten minutes later, data starts...

The daily grind in a SOCIt’s 2 a.m. The SIEM lights up with alerts that all look the same. Your overnight analyst yawns, wondering which one hides real danger. Ten minutes later, data starts...

Originally published at Arachne Digital.The daily grind in a SOCIt’s 2 a.m. The SIEM lights up with alerts that all look the same. Your overnight analyst yawns, wondering which one hides real...

Exclusive: The company's co-founder and CTO blame a former employee for a breach, but cannot rule out that it wasn't.

A threat actor compromised 16 highly popular React Native and GlueStack packages, collectively downloaded over a million times weekly. The attackers inserted a stealthy backdoor into these...

The administration has yet to release the text of the order, instead summarizing it in a fact sheet. The post Trump cyber executive order takes aim at prior orders, secure software, more appeared...

Cybersecurity researchers are alerting to a new malware campaign that employs the ClickFix social engineering tactic to trick users into downloading an information stealer malware known as Atomic...

Anthropic's long-term benefit trust is a governance mechanism that Anthropic claims helps it promote safety over profit, and which has the power to elect some of the company's board of directors.

A parliamentary investigation answered some — but not all — the questions related to a spyware scandal involving the use of the Israeli company’s spyware, Graphite.

When generative AI tools became widely available in late 2022, it wasn’t just technologists who paid attention. Employees across all industries immediately recognized the potential of generative...

In an effort to evade detection, cybercriminals are increasingly turning to “residential proxy” services that cover their tracks by making it look like everyday online activity.

India's Central Bureau of Investigation (CBI) has revealed that it has arrested four individuals and dismantled two illegal call centers that were found to be engaging in a sophisticated...

Popular Chrome extensions exposed user data by sending it over unencrypted HTTP, raising privacy concerns. Symantec urges caution for users.

Police seize major dark market, APT targets Kurdish and Iraqi government officials, and actors abuse AI to compromise software supply chains.