Microsoft has disclosed details of a large-scale malvertising campaign that’s estimated to have impacted over one million devices globally as part of what it said is an opportunistic attack designed… Read More »Microsoft Warns of Malvertising Campaign Infecting Over 1 Million Devices Worldwide
Are you tired of dealing with outdated security tools that never seem to give you the full picture? You’re not alone. Many organizations struggle with piecing together scattered information, leaving… Read More »Webinar: Learn How ASPM Transforms Application Security from Reactive to Proactive
Access on-demand webinar here Avoid a $100,000/month Compliance Disaster March 31, 2025: The Clock is Ticking. What if a single overlooked script could cost your business $100,000 per month in… Read More »What PCI DSS v4 Really Means – Lessons from A&F Compliance Journey
A coalition of international law enforcement agencies has seized the website associated with the cryptocurrency exchange Garantex (“garantex[.]org”), nearly three years after the service was sanctioned by the U.S. Treasury… Read More »U.S. Secret Service Seizes Russian Garantex Crypto Exchange Website
Cybersecurity researchers have discovered a malicious Python package on the Python Package Index (PyPI) repository that’s equipped to steal a victim’s Ethereum private keys by impersonating popular libraries. The package… Read More »This Malicious PyPI Package Stole Ethereum Private Keys via Polygon RPC Transactions
Safe{Wallet} has revealed that the cybersecurity incident that led to the Bybit $1.5 billion crypto heist is a “highly sophisticated, state-sponsored attack,” stating the North Korean threat actors behind the… Read More »Safe{Wallet} Confirms North Korean TraderTraitor Hackers Stole $1.5 Billion in Bybit Heist
Threat actors of unknown provenance have been attributed to a malicious campaign predominantly targeting organizations in Japan since January 2025. “The attacker has exploited the vulnerability CVE-2024-4577, a remote code… Read More »PHP-CGI RCE Flaw Exploited in Attacks on Japan’s Tech, Telecom, and E-Commerce Sectors
The threat actors behind the Medusa ransomware have claimed nearly 400 victims since it first emerged in January 2023, with the financially motivated attacks witnessing a 42% increase between 2023… Read More »Medusa Ransomware Hits 40+ Victims in 2025, Demands $100K–$15M Ransom
The financially motivated threat actor known as EncryptHub has been observed orchestrating sophisticated phishing campaigns to deploy information stealers and ransomware, while also working on a new product called EncryptRAT.… Read More »EncryptHub Deploys Ransomware and Stealer via Trojanized Apps, PPI Services, and Phishing
Elastic has rolled out security updates to address a critical security flaw impacting the Kibana data visualization dashboard software for Elasticsearch that could result in arbitrary code execution. The vulnerability,… Read More »Elastic Releases Urgent Fix for Critical Kibana Vulnerability Enabling Remote Code Execution