Kimwolf DDoS Botnet Operator Arrested in Canada Over DDoS-for-Hire Attacks
The U.S. Department of Justice (DoJ) on Thursday announced the arrest of a Canadian man in connection with allegedly operating…
BlogThe Blog
Insights, tips, and news from the frontlines of cybersecurity.
Cisco Patches CVSS 10.0 Secure Workload REST API Flaw Enabling Data Access
Cisco has rolled out updates for a maximum-severity security flaw impacting Secure Workload that could allow an unauthenticated, remote attacker…
Blog
Showboat Linux Malware Hits Middle East Telecom with SOCKS5 Proxy Backdoor
Cybersecurity researchers have disclosed details of a new Linux malware dubbed Showboat that has been put to use in a…
Blog
ThreatsDay Bulletin: Linux Rootkits, Router 0-Day, AI Intrusions, Scam Kits and 25 New Stories
This week starts small. A token leaks. A bad package slips in. A login trick works. An old tool shows…
Blog
Microsoft Warns of Two Actively Exploited Defender Vulnerabilities
Microsoft has disclosed that a privilege escalation and a denial-of-service flaw in Defender has come under active exploitation in the…
Blog
When Identity is the Attack Path
Consider a cached access key on a single Windows machine. It got there the way most cached credentials do –…
Blog
GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension
GitHub on Wednesday officially confirmed that the breach of its internal repositories was the result of a compromise of an…
Blog
Highly Critical Drupal Core Flaw Exposes PostgreSQL Sites to RCE Attacks
Drupal has released security updates for a “highly critical” security vulnerability in Drupal Core that could be exploited by attackers…
Blog
Microsoft Open-Sources RAMPART and Clarity to Secure AI Agents During Development
Microsoft has unveiled two new open-source tools called RAMPART and Clarity to assist developers in better testing the security of…
Blog
Microsoft Takes Down Malware-Signing Service Behind Ransomware Attacks
Microsoft on Tuesday said it disrupted a malware-signing-as-a-service (MSaaS) operation that weaponized the company’s Artifact Signing system to deliver malicious…
Blog