Identity Security Has an Automation Problem—And It’s Bigger Than You Think

22/05/2025 0 Comments 0 tags

For many organizations, identity security appears to be under control. On paper, everything checks out. But new research from Cerby, based on insights from over 500 IT and security leaders,

FBI and Europol Disrupt Lumma Stealer Malware Network Linked to 10 Million Infections

22/05/2025 0 Comments 0 tags

A sprawling operation undertaken by global law enforcement agencies and a consortium of private sector firms has disrupted the online infrastructure associated with a commodity information stealer known as Lumma

Russian Hackers Exploit Email and VPN Vulnerabilities to Spy on Ukraine Aid Logistics

21/05/2025 0 Comments 0 tags

Russian cyber threat actors have been attributed to a state-sponsored campaign targeting Western logistics entities and technology companies since 2022. The activity has been assessed to be orchestrated by APT28

PureRAT Malware Spikes 4x in 2025, Deploying PureLogs to Target Russian Firms

21/05/2025 0 Comments 0 tags

Russian organizations have become the target of a phishing campaign that distributes malware called PureRAT, according to new findings from Kaspersky. “The campaign aimed at Russian business began back in

Securing CI/CD workflows with Wazuh

21/05/2025 0 Comments 0 tags

Continuous Integration and Continuous Delivery/Deployment (CI/CD) refers to practices that automate how code is developed and released to different environments. CI/CD pipelines are fundamental in modern software development, ensuring code

Fake Kling AI Facebook Ads Deliver RAT Malware to Over 22 Million Potential Victims

21/05/2025 0 Comments 0 tags

Counterfeit Facebook pages and sponsored ads on the social media platform are being employed to direct users to fake websites masquerading as Kling AI with the goal of tricking victims

How to Detect Phishing Attacks Faster: Tycoon2FA Example

21/05/2025 0 Comments 0 tags

It takes just one email to compromise an entire system. A single well-crafted message can bypass filters, trick employees, and give attackers the access they need. Left undetected, these threats

Researchers Expose PWA JavaScript Attack That Redirects Users to Adult Scam Apps

21/05/2025 0 Comments 0 tags

Cybersecurity researchers have discovered a new campaign that employs malicious JavaScript injections to redirect site visitors on mobile devices to a Chinese adult-content Progressive Web App (PWA) scam. “While the

Google Chrome Can Now Auto-Change Compromised Passwords Using Its Built-In Manager

21/05/2025 0 Comments 0 tags

Google has announced a new feature in its Chrome browser that lets its built-in Password Manager automatically change a user’s password when it detects the credentials to be compromised. “When

Hazy Hawk Exploits DNS Records to Hijack CDC, Corporate Domains for Malware Delivery

20/05/2025 0 Comments 0 tags

A threat actor known as Hazy Hawk has been observed hijacking abandoned cloud resources of high-profile organizations, including Amazon S3 buckets and Microsoft Azure endpoints, by leveraging misconfigurations in the