Skip to main content
← All Tags

Cybersecurity

624 articles in this category (Page 19 of 26)

AI NewsCybersecurityData Security

Securing GenAI in the Browser: Policy, Isolation, and Data Controls That Actually Work

Enterprises are increasingly reliant on browser-based GenAI, demanding strict policies, isolation, and monitoring to mitigate data-exposure risks.

Read more
AI NewsCybersecurityMalware

NANOREMOTE Malware Leverages Google Drive API for Covert Windows Control

NANOREMOTE, a new Windows backdoor, utilizes the Google Drive API for command-and-control, enabling stealthy data theft and payload delivery.

Read more
AI NewsCybersecuritySoftware Vulnerability

.NET SOAPwn Flaw Opens Door for File Writes and Remote Code Execution via Rogue WSDL

New research reveals a .NET flaw, SOAPwn, enables file writes and remote code execution (RCE) through manipulated WSDL files in products like Barracuda and Ivanti.

Read more
AI NewsCybersecurityVulnerability

React2Shell Exploitation Delivers Crypto Miners and New Malware Across Multiple Sectors

Critical React Server Components flaw (CVE-2025-55182) fuels automated attacks dropping miners and multiple new Linux malware families.

Read more
AI NewsCybersecurityIAM

The Impact of Robotic Process Automation (RPA) on Identity and Access Management

RPA is changing IAM by introducing new security challenges for enterprises; bots may soon outnumber human employees.

Read more
AI NewsCybersecurityThreat Intelligence

ThreatsDay Bulletin: Spyware Alerts, Mirai Strikes, Docker Leaks, ValleyRAT Rootkit — and 20 More Stories

This week’s ThreatsDay Bulletin highlights a surge in cyber threats, including 193 arrests in a crackdown on Violence-as-a-Service (VaaS).

Read more
AI NewsCybersecuritySoftware Vulnerability

Gogs Zero-Day Exploited in 700+ Instances

An unpatched Gogs flaw (CVE-2025-8110) is actively exploited, resulting in over 700 confirmed compromises via file overwrite and code execution.

Read more
AI NewsCybersecurityAPT

WIRTE APT Leverages AshenLoader Sideloading for AshTag Espionage Campaign

WIRTE expands AshTag espionage operations, targeting Middle Eastern governments and diplomatic entities, resulting in persistent intelligence-gathering attacks.

Read more
AI NewsCybersecuritySoftware Updates

Fortinet, Ivanti, and SAP Address Critical Security Vulnerabilities

Three major vendors released urgent patches to address critical flaws enabling authentication bypass and remote code execution, impacting a wide range of enterprise systems.

Read more
AI NewsCybersecurityWindows

Microsoft Patches 56 Flaws, Including Actively Exploited Privilege Escalation Bug

Microsoft addressed 56 Windows security vulnerabilities in December 2025, including an actively exploited privilege escalation flaw (CVE-2025-62221) with a CVSS score of 7.8.

Read more
AI NewsCybersecurityVulnerability Management

WinRAR Vulnerability CVE-2025-6218 Under Active Attack by Multiple Threat Groups

CISA warns WinRAR CVE-2025-6218 is under active attack by multiple threat groups, requiring federal fixes by December 30, 2025.

Read more
AI NewsCybersecurityBrowser Security

Google Fortifies Chrome Against Indirect Prompt Injection with Layered Defenses

Google has implemented new security features in Chrome, including a User Alignment Critic, to mitigate the emerging threat of indirect prompt injection attacks targeting agentic AI capabilities.

Read more
AI NewsCybersecurityZero Trust

How to Streamline Zero Trust Using the Shared Signals Framework

Zero Trust workflows are strengthened as Tines converts Kolide device issues into SSF-compliant CAEP events for Okta, improving real-time access decisions.

Read more
AI NewsCybersecuritySoftware Supply Chain

Malicious Packages Steal Developer Data via VS Code, Go, npm, and Rust

Researchers discovered malicious packages in VS Code extensions and Go, npm, and Rust ecosystems, resulting in the theft of sensitive developer data.

Read more
AI NewsCybersecurityThreat Intelligence

STAC6565 Shifts Focus to Canada in QWCrypt Ransomware Attacks

Sophos reports STAC6565 targeted nearly 40 victims, with 80% of attacks hitting Canadian firms and deploying QWCrypt ransomware.

Read more
AI NewsCybersecurityThreat Intelligence

Storm-0249 Escalates Ransomware Attacks with ClickFix, Fileless PowerShell, and DLL Sideloading

Storm-0249 is evolving its tactics, now employing ClickFix, fileless PowerShell, and DLL sideloading to facilitate ransomware operations and evade detection.

Read more
AI NewsCybersecurityMalware Analysis

Android Malware FvncBot, SeedSnatcher, and ClayRat Gain Stronger Data Theft Features

Researchers reveal advanced Android malware FvncBot, SeedSnatcher, and ClayRat with enhanced data theft capabilities, targeting banking and crypto users.

Read more
AI NewsCybersecurityMalware

JS#SMUGGLER Campaign Deploys NetSupport RAT via Compromised Websites

Researchers detail JS#SMUGGLER, a multi-stage web attack leveraging JavaScript, HTA, and PowerShell, resulting in NetSupport RAT deployment.

Read more
AI NewsCybersecurityRetail Tech

Retail Cybersecurity: Mitigating Credential Risks During Holiday Peaks

Holiday peaks surge credential-stuffing attacks; Target's 2013 breach highlights third-party risks.

Read more
AI NewsCybersecurityMalware

MuddyWater Deploys UDPGangster Backdoor in Targeted Turkey-Israel-Azerbaijan Campaign

Iranian threat actor MuddyWater utilizes the UDPGangster malware, achieving a 90% success rate in initial access through macro phishing in recent attacks.

Read more
AI NewsCybersecurityVulnerabilities

Sneeit WordPress RCE Exploited in the Wild While ICTBroadcast Bug Fuels Frost Botnet Attacks

CVE-2025-6389 and CVE-2025-2611 exploited in mass attacks, with 131,000+ attempts blocked by Wordfence.

Read more
AI NewsCybersecurityVulnerabilities

Critical React2Shell Flaw Added to CISA KEV After Confirmed Active Exploitation

CISA lists React2Shell (CVE-2025-55182, CVSS 10.0) as actively exploited, impacting 2.15M internet-facing services.

Read more
AI NewsCybersecurityVulnerability

Chinese Hackers Exploit Critical React2Shell Vulnerability (CVE-2025-55182)

China-linked hackers weaponize React2Shell (CVSS 10.0) within hours of disclosure, targeting global sectors.

Read more
AI NewsCybersecurityMalware

CISA Reports PRC Hackers Using BRICKSTORM for Long-Term Access in U.S. Systems

CISA identifies BRICKSTORM malware enabling persistent, stealthy access in U.S. VMware and Windows systems.

Read more