Picture this: Your team rolls out some new code, thinking everything's fine. But hidden in there is...
Amazon Disrupts APT29 Watering Hole Campaign Abusing Microsoft Device Code Authentication
2 min read
Amazon on Friday said it flagged and disrupted what it described as an opportunistic watering hole campaign...
An abandoned update server associated with input method editor (IME) software Sogou Zhuyin was leveraged by threat...
Generative AI platforms like ChatGPT, Gemini, Copilot, and Claude are increasingly common in organizations. While these solutions...
Click Studios Patches Passwordstate Authentication Bypass Vulnerability in Emergency Access Page
2 min read
Click Studios, the developer of enterprise-focused password management solution Passwordstate, said it has released security updates to...
The Sangoma FreePBX Security Team has issued an advisory warning about an actively exploited FreePBX zero-day vulnerability...
Authorities from the Netherlands and the United States have announced the dismantling of an illicit marketplace called...
Google Warns Salesloft OAuth Breach Extends Beyond Salesforce, Impacting All Integrations
2 min read
Google has revealed that the recent wave of attacks targeting Salesforce instances via Salesloft Drift is much...
Cybersecurity researchers have discovered a cybercrime campaign that's using malvertising tricks to direct victims to fraudulent sites...
Picture this: Your team rolls out some new code, thinking everything's fine. But hidden in there is...
Researchers Find VS Code Flaw Allowing Attackers to Republish Deleted Extensions Under Same Names
3 min read
Cybersecurity researchers have discovered a loophole in the Visual Studio Code Marketplace that allows threat actors to...
Salt Typhoon Exploits Cisco, Ivanti, Palo Alto Flaws to Breach 600 Organizations Worldwide
4 min read
The China-linked advanced persistent threat (APT) actor known as Salt Typhoon has continued its attacks targeting networks...
Every day, businesses, teams, and project managers trust platforms like Trello, Asana, etc., to collaborate and manage...
Malicious Nx Packages in ‘s1ngularity’ Attack Leaked 2,349 GitHub, Cloud, and AI Credentials
4 min read
The maintainers of the nx build system have alerted users to a supply chain attack that allowed...
U.S. Treasury Sanctions DPRK IT-Worker Scheme, Exposing $600K Crypto Transfers and $1M+ Profits
3 min read
The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) announced a fresh round of...
The financially motivated threat actor known as Storm-0501 has been observed refining its tactics to conduct data...
Cybersecurity company ESET has disclosed that it discovered an artificial intelligence (AI)-powered ransomware variant codenamed PromptLock.
Written in...
Anthropic Disrupts AI-Powered Cyberattacks Automating Theft and Extortion Across Critical Sectors
4 min read
Anthropic on Wednesday revealed that it disrupted a sophisticated operation that weaponized its artificial intelligence (AI)-powered chatbot...
A threat activity cluster known as ShadowSilk has been attributed to a fresh set of attacks targeting...
Employees are experimenting with AI at record speed. They are drafting emails, analyzing data, and transforming the...
