Jun 28, 2025Ravie LakshmananPrivacy / Data Protection Facebook, the social network platform owned by Meta, is asking for users to […]
Category: Security
Microsoft changes Windows in attempt to prevent next CrowdStrike-style catastrophe
Working with third-party companies to define these standards and address those companies’ concerns seems to be Microsoft’s way of trying […]
Over 1,000 SOHO Devices Hacked in China-linked LapDogs Cyber Espionage Campaign
Jun 27, 2025Ravie LakshmananThreat Hunting / Vulnerability Threat hunters have discovered a network of more than 1,000 compromised small office […]
PUBLOAD and Pubshell Malware Used in Mustang Panda’s Tibet-Specific Attack
Jun 27, 2025Ravie LakshmananVulnerability / Cyber Espionage A China-linked threat actor known as Mustang Panda has been attributed to a […]
Business Case for Agentic AI SOC Analysts
Security operations centers (SOCs) are under pressure from both sides: threats are growing more complex and frequent, while security budgets […]
Chinese Group Silver Fox Uses Fake Websites to Deliver Sainbox RAT and Hidden Rootkit
Jun 27, 2025Ravie LakshmananMalware / Cyber Attack A new campaign has been observed leveraging fake websites advertising popular software such […]
MOVEit Transfer Faces Increased Threats as Scanning Surges and CVE Flaws Are Targeted
Jun 27, 2025Ravie LakshmananNetwork Security / Vulnerability Threat intelligence firm GreyNoise is warning of a “notable surge” in scanning activity […]
OneClik Malware Targets Energy Sector Using Microsoft ClickOnce and Golang Backdoors
Cybersecurity researchers have detailed a new campaign dubbed OneClik that leverages Microsoft’s ClickOnce software deployment technology and bespoke Golang backdoors […]
Actively exploited vulnerability gives extraordinary control over server fleets
On Wednesday, CISA added CVE-2024-54085 to its list of vulnerabilities known to be exploited in the wild. The notice provided […]
Critical Open VSX Registry Flaw Exposes Millions of Developers to Supply Chain Attacks
Jun 26, 2025Ravie LakshmananOpen Source / Vulnerability Cybersecurity researchers have disclosed a critical vulnerability in the Open VSX Registry (“open-vsx[.]org”) […]