Google Releases Android Update to Patch Two Actively Exploited Vulnerabilities

08/04/2025 0 Comments 0 tags

Google has shipped patches for 62 vulnerabilities, two of which it said have been exploited in the wild. The two high-severity vulnerabilities are listed below – CVE-2024-53150 (CVSS score: 7.8)

CISA and FBI Warn Fast Flux is Powering Resilient Malware, C2, and Phishing Networks

07/04/2025 0 Comments 0 tags

Cybersecurity agencies from Australia, Canada, New Zealand, and the United States have published a joint advisory about the risks associated with a technique called fast flux that has been adopted

⚡ Weekly Recap: VPN Exploits, Oracle’s Silent Breach, ClickFix Comeback and More

07/04/2025 0 Comments 0 tags

Today, every unpatched system, leaked password, and overlooked plugin is a doorway for attackers. Supply chains stretch deep into the code we trust, and malware hides not just in shady

Security Theater: Vanity Metrics Keep You Busy – and Exposed

07/04/2025 0 Comments 0 tags

After more than 25 years of mitigating risks, ensuring compliance, and building robust security programs for Fortune 500 companies, I’ve learned that looking busy isn’t the same as being secure. 

PoisonSeed Exploits CRM Accounts to Launch Cryptocurrency Seed Phrase Poisoning Attacks

07/04/2025 0 Comments 0 tags

A malicious campaign dubbed PoisonSeed is leveraging compromised credentials associated with customer relationship management (CRM) tools and bulk email providers to send spam messages containing cryptocurrency seed phrases in an

Microsoft Credits EncryptHub, Hacker Behind 618+ Breaches, for Disclosing Windows Flaws

05/04/2025 0 Comments 0 tags

A likely lone wolf actor behind the EncryptHub persona was acknowledged by Microsoft for discovering and reporting two security flaws in Windows last month, painting a picture of a “conflicted”

North Korean Hackers Deploy BeaverTail Malware via 11 Malicious npm Packages

05/04/2025 0 Comments 0 tags

The North Korean threat actors behind the ongoing Contagious Interview campaign are spreading their tentacles on the npm ecosystem by publishing more malicious packages that deliver the BeaverTail malware, as

Malicious Python Packages on PyPI Downloaded 39,000+ Times, Steal Sensitive Data

05/04/2025 0 Comments 0 tags

Cybersecurity researchers have uncovered malicious libraries in the Python Package Index (PyPI) repository that are designed to steal sensitive information. Two of the packages, bitcoinlibdbfix and bitcoinlib-dev, masquerade as fixes

SpotBugs Access Token Theft Identified as Root Cause of GitHub Supply Chain Attack

04/04/2025 0 Comments 0 tags

The cascading supply chain attack that initially targeted Coinbase before becoming more widespread to single out users of the “tj-actions/changed-files” GitHub Action has been traced further back to the theft

OPSEC Failure Exposes Coquettte’s Malware Campaigns on Bulletproof Hosting Servers

04/04/2025 0 Comments 0 tags

A novice cybercrime actor has been observed leveraging the services of a Russian bulletproof hosting (BPH) provider called Proton66 to facilitate their operations. The findings come from DomainTools, which detected