​Cybersecurity researchers have uncovered a new malware campaign that targets publicly exposed Docket API endpoints with the aim of delivering cryptocurrency miners and other payloads. Included among the tools deployed… Read More »New Malware Targets Exposed Docker APIs for Cryptocurrency Mining

​Seventy percent of enterprises are prioritizing investment in SaaS security by establishing dedicated teams to secure SaaS applications, as part of a growing trend of maturity in this field of… Read More »The Annual SaaS Security Report: 2025 CISO Plans and Priorities

​The Singapore Police Force (SPF) has announced the extradition of two men from Malaysia for their alleged involvement in a mobile malware campaign targeting citizens in the country since June… Read More »Singapore Police Extradites Malaysians Linked to Android Malware Fraud

​VMware has released updates to address critical flaws impacting Cloud Foundation, vCenter Server, and vSphere ESXi that could be exploited to achieve privilege escalation and remote code execution. The list… Read More »VMware Issues Patches for Cloud Foundation, vCenter Server, and vSphere ESXi

​ASUS has shipped software updates to address a critical security flaw impacting its routers that could be exploited by malicious actors to bypass authentication. Tracked as CVE-2024-3080, the vulnerability carries… Read More »ASUS Patches Critical Authentication Bypass Flaw in Multiple Router Models

​A suspected China-nexus cyber espionage actor has been attributed as behind a prolonged attack against an unnamed organization located in East Asia for a period of about three years, with… Read More »China-Linked Hackers Infiltrate East Asian Firm for 3 Years Using F5 Devices

​Traditional application security practices are not effective in the modern DevOps world. When security scans are run only at the end of the software delivery lifecycle (either right before or… Read More »What is DevSecOps and Why is it Essential for Secure Software Delivery?

​Legitimate-but-compromised websites are being used as a conduit to deliver a Windows backdoor dubbed BadSpace under the guise of fake browser updates. “The threat actor employs a multi-stage attack chain… Read More »Hackers Exploit Legitimate Websites to Deliver BadSpace Windows Backdoor

​Threat actors have been observed deploying a malware called NiceRAT to co-opt infected devices into a botnet. The attacks, which target South Korean users, are designed to propagate the malware… Read More »NiceRAT Malware Targets South Korean Users via Cracked Software

​Law enforcement authorities have allegedly arrested a key member of the notorious cybercrime group called Scattered Spider. The individual, a 22-year-old man from the United Kingdom, was arrested this week… Read More »U.K. Hacker Linked to Notorious Scattered Spider Group Arrested in Spain