Microsoft: Russian-Linked Hackers Using ‘Device Code Phishing’ to Hijack Accounts

14/02/2025 0 Comments 0 tags

Microsoft is calling attention to an emerging threat cluster it calls Storm-2372 that has been attributed to a new set of cyber attacks aimed at a variety of sectors since

AI-Powered Social Engineering: Ancillary Tools and Techniques

14/02/2025 0 Comments 0 tags

Social engineering is advancing fast, at the speed of generative AI. This is offering bad actors multiple new tools and techniques for researching, scoping, and exploiting organizations. In a recent

PostgreSQL Vulnerability Exploited Alongside BeyondTrust Zero-Day in Targeted Attacks

14/02/2025 0 Comments 0 tags

Threat actors who were behind the exploitation of a zero-day vulnerability in BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) products in December 2024 likely also exploited a previously

Fast Deployments, Secure Code: Watch this Learn to Sync Dev and Sec Teams

14/02/2025 0 Comments 0 tags

Ever felt like your team is stuck in a constant battle? Developers rush to add new features, while security folks worry about vulnerabilities. What if you could bring both sides

North Korean APT43 Uses PowerShell and Dropbox in Targeted South Korea Cyberattacks

14/02/2025 0 Comments 0 tags

A nation-state threat actor with ties to North Korea has been linked to an ongoing campaign targeting South Korean business, government, and cryptocurrency sectors. The attack campaign, dubbed DEEP#DRIVE by

Hackers Use CAPTCHA Trick on Webflow CDN PDFs to Bypass Security Scanners

14/02/2025 0 Comments 0 tags

A widespread phishing campaign has been observed leveraging bogus PDF documents hosted on the Webflow content delivery network (CDN) with an aim to steal credit card information and commit financial

AI and Security – A New Puzzle to Figure Out

13/02/2025 0 Comments 0 tags

AI is everywhere now, transforming how businesses operate and how users engage with apps, devices, and services. A lot of applications now have some Artificial Intelligence inside, whether supporting a

Hackers Exploited PAN-OS Flaw to Deploy Chinese Malware in Ransomware Attack

13/02/2025 0 Comments 0 tags

An RA World ransomware attack in November 2024 targeting an unnamed Asian software and services company involved the use of a malicious tool exclusively used by China-based cyber espionage groups,

FINALDRAFT Malware Exploits Microsoft Graph API for Espionage on Windows and Linux

13/02/2025 0 Comments 0 tags

Threat hunters have shed light on a new campaign targeting the foreign ministry of an unnamed South American nation with bespoke malware capable of granting remote access to infected hosts.

Palo Alto Networks Patches Authentication Bypass Exploit in PAN-OS Software

13/02/2025 0 Comments 0 tags

Palo Alto Networks has addressed a high-severity security flaw in its PAN-OS software that could result in an authentication bypass. The vulnerability, tracked as CVE-2025-0108, carries a CVSS score of