​Cybersecurity researchers have called attention to a software supply chain attack targeting the Go ecosystem that involves a malicious package capable of granting the adversary remote access to infected systems.… Read More »Malicious Go Package Exploits Module Mirror Caching for Persistent Remote Access

​The North Korean threat actors behind the Contagious Interview campaign have been observed delivering a collection of Apple macOS malware strains dubbed FERRET as part of a supposed job interview… Read More »North Korean Hackers Deploy FERRET Malware via Fake Job Interviews on macOS

​A recently patched security vulnerability in the 7-Zip archiver tool was exploited in the wild to deliver the SmokeLoader malware. The flaw, CVE-2025-0411 (CVSS score: 7.0), allows remote attackers to… Read More »Russian Cybercrime Groups Exploiting 7-Zip Flaw to Bypass Windows MotW Protections

​As cloud security evolves in 2025 and beyond, organizations must adapt to both new and evolving realities, including the increasing reliance on cloud infrastructure for AI-driven workflows and the vast… Read More »Watch Out For These 8 Cloud Security Shifts in 2025

​A security vulnerability has been disclosed in AMD’s Secure Encrypted Virtualization (SEV) that could permit an attacker to load a malicious CPU microcode under specific conditions. The flaw, tracked as… Read More »AMD SEV-SNP Vulnerability Allows Malicious Microcode Injection with Admin Access

​Taiwan has become the latest country to ban government agencies from using Chinese startup DeepSeek’s Artificial Intelligence (AI) platform, citing security risks. “Government agencies and critical infrastructure should not use… Read More »Taiwan Bans DeepSeek AI Over National Security Concerns, Citing Data Leakage Risks

​Google has shipped patches to address 47 security flaws in its Android operating system, including one it said has come under active exploitation in the wild. The vulnerability in question… Read More »Google Patches 47 Android Security Flaws, Including Actively Exploited CVE-2024-53104

​Microsoft has released patches to address two Critical-rated security flaws impacting Azure AI Face Service and Microsoft Account that could allow a malicious actor to escalate their privileges under certain… Read More »Microsoft Patches Critical Azure AI Face Service Vulnerability with CVSS 9.9 Score

​Cybersecurity researchers have disclosed details of a now-patched vulnerability impacting the Microsoft SharePoint connector on Power Platform that, if successfully exploited, could allow threat actors to harvest a user’s credentials… Read More »Microsoft SharePoint Connector Flaw Could’ve Enabled Credential Theft Across Power Platform

​The maintainers of the Python Package Index (PyPI) registry have announced a new feature that allows package developers to archive a project as part of efforts to improve supply chain… Read More »PyPI Introduces Archival Status to Alert Users About Unmaintained Python Packages