Unit 42 details a new malware obfuscation technique where threat actors hide malware in bitmap resources within .NET applications. These deliver payloads like Agent Tesla or XLoader. The post...
I found a solution to make AirTags, the best finder tags right now, easier to use despite their awkward UFO-like design.
A China-linked unnamed threat actor dubbed Chaya_004 has been observed exploiting a recently disclosed security flaw in SAP NetWeaver. Forescout Vedere Labs, in a report published today, said it...
Google has released new details on how artificial intelligence (AI) is being used across its platforms to combat a growing wave of online scams. In its latest Fighting Scams in Search report, the...
GCHQ’s National Cyber Security Centre (NCSC) has warned that U.K. critical systems are facing growing risks due to... The post NCSC warns UK critical systems face rising threats from AI-driven...
Google’s Threat Intelligence Group (GTIG) has observed a decline in activity from UNC3944—also known as Scattered Spider—a financially... The post Mandiant links DragonForce ransomware attacks on...
ColorTokens Inc., a vendor of zero trust microsegmentation, announced on Thursday an integration with Nozomi Networks, the leader... The post ColorTokens, Nozomi deliver unified zero trust...
Ubiquity has disclosed two security vulnerabilities affecting its widely used video surveillance platform, UniFi Protect. One of the flaws, now assigned the identifier CVE-2025-23123, has been...
The FBI has detected indicators of malware targeting end-of-life routers associated with Anyproxy and 5Socks proxy services
In this special edition of the Cybersecurity Snapshot, we bring you some of the most valuable guidance offered by the U.K. National Cyber Security Centre (NCSC) in the past 18 months. Check out...
Here’s a brief dive into the murky waters of shape-shifting attacks that leverage dedicated phishing kits to auto-generate customized login pages on the fly
PowerSchool said its customers had been hit by new extortion demands using data stolen in a previous attack, despite attacker claims the data had been deleted
India and Pakistan have been trading blows in the wake of a militant attack on tourists in Indian-administered Kashmir last month. On May 7, India said it had launched missile strikes in Pakistan...
Heard of polymorphic browser extensions yet? You will. These savage imposters threaten the very future of credential management. Here's what you need to know - and do.
The Federal Bureau of Investigation (FBI) has issued a warning about the TheMoon malware. The warning also stresses the dramatic uptick in cyberattacks targeting aging internet routers, especially...
The Toronto District School Board (TDSB) has informed parents and staff of a renewed cyber threat following a major data breach involving education technology giant PowerSchool. The extortion...
On the Google Cloud CLI gcloud, the authentication process works using OAuth and a server that is quickly setup on the computer at localhost:50000. This means that http://localhost is actually a...
It’s May, which means it’s Maintainer Month, a time to spotlight the people who quietly keep the digital world running: open source maintainers.We’re talking about the folks patching that package...
The new LMX-1204G-SFP-T-BABA Gigabit Ethernet switch has been recognized as winner in 2025 GOVIES Government Security Awards.
Cloud-native applications offer scalable, automated workflows, intelligent data processing, and seamless deployments. However, many organizations still struggle to…
CBP's acting commissioner has rescinded four Biden-era policies that aimed to protect vulnerable people in the agency's custody, including mothers, infants, and the elderly.
In April, South Korea’s telco giant SK Telecom (SKT) was hit by a cyberattack that led to the theft of personal data on approximately 23 million customers, equivalent to almost half of the...
Cybersecurity researchers have exposed what they say is an "industrial-scale, global cryptocurrency phishing operation" engineered to steal digital assets from cryptocurrency wallets for several...
He’s the latest Democrat who sits on an appropriations panel to sharply criticize CISA personnel reductions and proposed funding cuts. The post Sen. Murphy: Trump administration has ‘illegally...
PowerSchool paid ransom after a major data breach; now hackers are targeting teachers and schools with direct extortion…
As tensions flare and the possibility of full blown armed conflict between India and Pakistan grows, there is a need not just for restraint and awareness but also for digital discipline - a...
SonicWall has released patches to address three security flaws affecting SMA 100 Secure Mobile Access (SMA) appliances that could be fashioned to result in remote code execution. The...
Threat actors with ties to the Qilin ransomware family have leveraged malware known as SmokeLoader along with a previously undocumented .NET compiled loader codenamed NETXLOADER as part of a...
The FBI warns that threat actors are deploying malware on end-of-life (EoL) routers to convert them into proxies sold on the 5Socks and Anyproxy networks. [...]
How do attackers exploit authority bias to manipulate victims? Martin shares proactive strategies to protect yourself and others in this must-read edition of the Threat Source newsletter.