A new phishing campaign is targeting e-commerce shoppers in Europe and the United States with bogus pages that mimic legitimate brands with the goal of stealing their personal information ahead… Read More »Fake Discount Sites Exploit Black Friday to Hijack Shopper Information
Legal documents released as part of an ongoing legal tussle between Meta’s WhatsApp and NSO Group have revealed that the Israeli spyware vendor used multiple exploits targeting the messaging app… Read More »NSO Group Exploited WhatsApp to Install Pegasus Spyware Even After Meta’s Lawsuit
A critical authentication bypass vulnerability has been disclosed in the Really Simple Security (formerly Really Simple SSL) plugin for WordPress that, if successfully exploited, could grant an attacker to remotely… Read More »Urgent: Critical WordPress Plugin Vulnerability Exposes Over 4 Million Sites
Palo Alto Networks has released new indicators of compromise (IoCs) a day after the network security vendor confirmed that a new zero-day vulnerability impacting its PAN-OS firewall management interface has… Read More »PAN-OS Firewall Vulnerability Under Active Exploitation – IoCs Released
A threat actor known as BrazenBamboo has exploited an unresolved security flaw in Fortinet’s FortiClient for Windows to extract VPN credentials as part of a modular framework called DEEPDATA. Volexity,… Read More »Warning: DEEPDATA Malware Exploiting Unpatched Fortinet Flaw to Steal VPN Credentials
Cybersecurity researchers have shed light on a new remote access trojan and information stealer used by Iranian state-sponsored actors to conduct reconnaissance of compromised endpoints and execute malicious commands. Cybersecurity… Read More »Iranian Hackers Deploy WezRat Malware in Attacks Targeting Israeli Organizations
In the fast-paced digital world, trust is everything—but what happens when that trust is disrupted? Certificate revocations, though rare, can send shockwaves through your operations, impacting security, customer confidence, and… Read More »Master Certificate Management: Join This Webinar on Crypto Agility and Best Practices
Cybersecurity researchers have disclosed two security flaws in Google’s Vertex machine learning (ML) platform that, if successfully exploited, could allow malicious actors to escalate privileges and exfiltrate models from the… Read More »Researchers Warn of Privilege Escalation Risks in Google’s Vertex AI ML Platform
A Vietnamese-speaking threat actor has been linked to an information-stealing campaign targeting government and education entities in Europe and Asia with a new Python-based malware called PXA Stealer. The malware… Read More »Vietnamese Hacker Group Deploys New PXA Stealer Targeting Europe and Asia
In recent years, artificial intelligence (AI) has begun revolutionizing Identity Access Management (IAM), reshaping how cybersecurity is approached in this crucial field. Leveraging AI in IAM is about tapping into… Read More »How AI Is Transforming IAM and Identity Security