Cryptojacking Campaign Exploits DevOps APIs Using Off-the-Shelf Tools from GitHub

02/06/2025 0 Comments 0 tags

Cybersecurity researchers have discovered a new cryptojacking campaign that’s targeting publicly accessible DevOps web servers such as those associated with Docker, Gitea, and HashiCorp Consul and Nomad to illicitly mine

Qualcomm Fixes 3 Zero-Days Used in Targeted Android Attacks via Adreno GPU

02/06/2025 0 Comments 0 tags

Qualcomm has shipped security updates to address three zero-day vulnerabilities that it said have been exploited in limited, targeted attacks in the wild. The flaws in question, which were responsibly

⚡ Weekly Recap: APT Intrusions, AI Malware, Zero-Click Exploits, Browser Hijacks and More

02/06/2025 0 Comments 0 tags

If this had been a security drill, someone would’ve said it went too far. But it wasn’t a drill—it was real. The access? Everything looked normal. The tools? Easy to

The Secret Defense Strategy of Four Critical Industries Combating Advanced Cyber Threats

02/06/2025 0 Comments 0 tags

The evolution of cyber threats has forced organizations across all industries to rethink their security strategies. As attackers become more sophisticated — leveraging encryption, living-off-the-land techniques, and lateral movement to

Fake Recruiter Emails Target CFOs Using Legit NetBird Tool Across 6 Global Regions

02/06/2025 0 Comments 0 tags

Cybersecurity researchers have warned of a new spear-phishing campaign that uses a legitimate remote access tool called Netbird to target Chief Financial Officers (CFOs) and financial executives at banks, energy

New Linux Flaws Allow Password Hash Theft via Core Dumps in Ubuntu, RHEL, Fedora

31/05/2025 0 Comments 0 tags

Two information disclosure flaws have been identified in apport and systemd-coredump, the core dump handlers in Ubuntu, Red Hat Enterprise Linux, and Fedora, according to the Qualys Threat Research Unit

U.S. DoJ Seizes 4 Domains Supporting Cybercrime Crypting Services in Global Operation

31/05/2025 0 Comments 0 tags

A multinational law enforcement operation has resulted in the takedown of an online cybercrime syndicate that offered services to threat actors to ensure that their malicious software stayed undetected from

New EDDIESTEALER Malware Bypasses Chrome’s App-Bound Encryption to Steal Browser Data

30/05/2025 0 Comments 0 tags

A new malware campaign is distributing a novel Rust-based information stealer dubbed EDDIESTEALER using the popular ClickFix social engineering tactic initiated via fake CAPTCHA verification pages. “This campaign leverages deceptive

From the “Department of No” to a “Culture of Yes”: A Healthcare CISO’s Journey to Enabling Modern Care

30/05/2025 0 Comments 0 tags

Breaking Out of the Security Mosh Pit When Jason Elrod, CISO of MultiCare Health System, describes legacy healthcare IT environments, he doesn’t mince words: “Healthcare loves to walk backwards into

China-Linked Hackers Exploit SAP and SQL Server Flaws in Attacks Across Asia and Brazil

30/05/2025 0 Comments 0 tags

The China-linked threat actor behind the recent in-the-wild exploitation of a critical security flaw in SAP NetWeaver has been attributed to a broader set of attacks targeting organizations in Brazil,