When European fintech companies set their sights on the lucrative U.S. market, they often underestimate one of the…
On Monday, the United Kingdom's privacy watchdog announced that it is investigating TikTok, Reddit, and Imgur because of privacy concerns about how they are processing children's data. [...]
At the end of last year, Bellingcat released a set of online challenges that we hoped would test the skills of our audience and the wider open source investigator community. We wanted the...
Malware authors use AES encryption and code virtualization to evade sandbox static analysis. We explore how this facilitates spread of Agent Tesla, XWorm and more.
Brazil, South Africa, Indonesia, Argentina, and Thailand have become the targets of a campaign that has infected Android TV devices with a botnet malware dubbed Vo1d. The improved variant of Vo1d...
The Information Commissioner’s Office is now investigating how TikTok uses 13–17-year-olds’ personal information
The Toronto Zoo has disclosed a cyberattack that targeted the Zoo in early January 2024. The zoo has since conducted an extensive analysis to understand the full scope of the breach and notify...
The most notable mobile threats of 2024, and statistics on Android-specific malware, adware and potentially unwanted software.
Take a moment to think beyond our current capabilities and consider what might come next in the grand story of evolution
In a post for the World Economic Forum (WEF), three key trends have been identified as shaping the...
Microsoft says a coding issue is behind a now-resolved Microsoft 365 outage over the weekend that affected Outlook and Exchange Online authentication. [...]
Threat actors are exploiting a zero-day bug in Paragon Partition Manager's BioNTdrv.sys driver during ransomware attacks
This is a weekly threat intelligence report review from RST Cloud. This week, we analysed 52 threat intelligence reports and compiled a concise summary of each report, along with the extracted...
Poland's cybersecurity services detected a breach of POLSA’s IT infrastructure. Immediate action was taken, and an investigation is underway to identify the attackers.
A Minnesota cybersecurity and computer forensics expert whose testimony has featured in thousands of courtroom trials over the past 30 years is facing questions about his credentials and an...
Bulletproof Malware
QR phishing is on the rise, tricking users into scanning malicious QR codes. Learn how cybercriminals exploit QR codes and how to protect yourself.
Close to 12,000 valid secrets that include API keys and passwords have been found in the Common Crawl dataset used for training multiple artificial intelligence models. [...]
As the boundaries between IT and OT environments blur and regulators move to bolster ICS cybersecurity across critical...
Client-side path traversal (CSPT) is a classic path traversal but on the client side. In particular, it's about tricking how an API works to make requests to the incorrect API. This can be used to...
Go is built to run concurrent code. In this CTF challenge, a subtle issue is abused around concurrency. The challenge has a key-value store HTTP service. The service also has an arbitrary file read...
Firefox browser maker Mozilla on Friday updated its Terms of Use a second time within a week following criticism of overbroad language that appeared to give the company the rights to all information...
Plus: The FBI pins that ByBit theft on North Korea, a malicious app download breaches Disney, spyware targets a priest close to the pope, and more.
Microsoft had discovered five Paragon Partition Manager BioNTdrv.sys driver flaws, with one used by ransomware gangs in zero-day attacks to gain SYSTEM privileges in Windows. [...]
This week we are joined by Phil Stokes, threat researcher at SentinelOne's SentinelLabs, discussing their work on "macOS FlexibleFerret | Further Variants of DPRK Malware Family Unearthed." Apple...
Sweden will seek backdoor access to encrypted messaging apps. Cellebrite suspends services in Serbia following allegations of misuse.
On February 27, 2025, Zapier detected that an unauthorized user had accessed some of its internal code repositories due to a two-factor authentication (2FA) misconfiguration on an employee’s...
Tim Brown didn’t call for indemnification laws, but suggested that CISOs dealing with legal implications for cyberattacks is stressful and a distraction from their core work.
A 23-year-old Serbian youth activist had their Android phone targeted by a zero-day exploit developed by Cellebrite to unlock the device, according to a new report from Amnesty International. "The...
Qilin ransomware gang claims responsibility for attack against Lee Enterprises. Thai police arrest suspected hacker behind more than 90 data leaks. JavaGhost uses compromised AWS environments to...