The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added two security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The… Read More »CISA and FBI Raise Alerts on Exploited Flaws and Expanding HiatusRAT Campaign
A little-known cyber espionage actor known as The Mask has been linked to a new set of attacks targeting an unnamed organization in Latin America twice in 2019 and 2022.… Read More »The Mask APT Resurfaces with Sophisticated Multi-Platform Malware Arsenal
Cybersecurity researchers have shed light on a previously undocumented aspect associated with ClickFix-style attacks that hinge on taking advantage of a single ad network service as part of a malvertising-driven… Read More »DeceptionAds Delivers 1M+ Daily Impressions via 3,000 Sites, Fake CAPTCHA Pages
This past week has been packed with unsettling developments in the world of cybersecurity. From silent but serious attacks on popular business tools to unexpected flaws lurking in everyday devices,… Read More »⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips
A Serbian journalist had his phone first unlocked by a Cellebrite tool and subsequently compromised by a previously undocumented spyware codenamed NoviSpy, according to a new report published by Amnesty… Read More »NoviSpy Spyware Installed on Journalist’s Phone After Unlocking It With Cellebrite Tool
With the evolution of modern software development, CI/CD pipeline governance has emerged as a critical factor in maintaining both agility and compliance. As we enter the age of artificial intelligence… Read More »Data Governance in DevOps: Ensuring Compliance in the AI Era
Cybersecurity researchers have discovered a new PHP-based backdoor called Glutton that has been put to use in cyber attacks targeting China, the United States, Cambodia, Pakistan, and South Africa. QiAnXin… Read More »New Glutton Malware Exploits Popular PHP Frameworks Like Laravel and ThinkPHP
Cybersecurity researchers are calling attention to a new kind of investment scam that leverages a combination of social media malvertising, company-branded posts, and artificial intelligence (AI) powered video testimonials featuring… Read More »New Investment Scam Leverages AI, Social Media Ads to Target Victims Worldwide
The Security Service of Ukraine (SBU or SSU) has exposed a novel espionage campaign suspected to be orchestrated by Russia’s Federal Security Service (FSB) that involves recruiting Ukrainian minors for… Read More »Ukrainian Minors Recruited for Cyber Ops and Reconnaissance in Russian Airstrikes
Germany’s Federal Office of Information Security (BSI) has announced that it has disrupted a malware operation called BADBOX that came preloaded on at least 30,000 internet-connected devices sold across the… Read More »Germany Disrupts BADBOX Malware on 30,000 Devices Using Sinkhole Action