The China-linked threat actor known as Winnti has been attributed to a new campaign dubbed RevivalStone that targeted Japanese companies in the manufacturing, materials, and energy sectors in March 2024.… Read More »Winnti APT41 Targets Japanese Firms in RevivalStone Cyber Espionage Campaign
Is AI really reshaping the cyber threat landscape, or is the constant drumbeat of hype drowning out actual, more tangible, real-world dangers? According to Picus Labs’ Red Report 2025 which… Read More »Debunking the AI Hype: Inside Real Hacker Tactics
Security vulnerabilities have been disclosed in Xerox VersaLink C7025 Multifunction printers (MFPs) that could allow attackers to capture authentication credentials via pass-back attacks via Lightweight Directory Access Protocol (LDAP) and… Read More »New Xerox Printer Flaws Could Let Attackers Capture Windows Active Directory Credentials
Cybersecurity researchers have flagged a credit card stealing malware campaign that has been observed targeting e-commerce sites running Magento by disguising the malicious content within image tags in HTML code… Read More »Cybercriminals Exploit Onerror Event in Image Tags to Deploy Payment Skimmers
Microsoft said it has discovered a new variant of a known Apple macOS malware called XCSSET as part of limited attacks in the wild. “Its first known variant since 2022,… Read More »Microsoft Uncovers New XCSSET macOS Malware Variant with Advanced Obfuscation Tactics
South Korea has formally suspended new downloads of Chinese artificial intelligence (AI) chatbot DeepSeek in the country until the service makes changes to its mobile apps to comply with data… Read More »South Korea Suspends DeepSeek AI Downloads Over Privacy Violations
Cyber threats evolve—has your defense strategy kept up? A new free guide available here explains why Continuous Threat Exposure Management (CTEM) is the smart approach for proactive cybersecurity. This concise… Read More »CISO’s Expert Guide To CTEM And Why It Matters
Cybersecurity researchers have shed light on a new Golang-based backdoor that uses Telegram as a mechanism for command-and-control (C2) communications. Netskope Threat Labs, which detailed the functions of the malware,… Read More »New Golang-Based Backdoor Uses Telegram Bot API for Evasive C2 Operations
Welcome to this week’s Cybersecurity News Recap. Discover how cyber attackers are using clever tricks like fake codes and sneaky emails to gain access to sensitive data. We cover everything… Read More »⚡ THN Weekly Recap: Google Secrets Stolen, Windows Hack, New Crypto Scams and More
Google is working on a new security feature for Android that blocks device owners from changing sensitive settings when a phone call is in progress. Specifically, the in-call anti-scammer protections… Read More »Android’s New Feature Blocks Fraudsters from Sideloading Apps During Calls