Sunday, April 26

Browsing: Cyber Security

Two Zero-Days Among Patch Tuesday CVEs This Month

Team-CWDSeptember 11, 2025

Microsoft issued updates to fix 81 vulnerabilities in this month’s Patch Tuesday yesterday, including two classed as zero-days which have…

Cyber Security

Attacker “Patches” Vulnerability Post Exploitation to Lock Out Competi

Team-CWDSeptember 11, 2025

A threat actor has been observed “patching” a vulnerability post exploitation, likely in a bid to lock out other adversaries…

Cyber Security

Phishing Campaign Uses UpCrypter to Deploy Remote Access Tools

Team-CWDSeptember 11, 2025

A global phishing campaign using personalized emails and fake websites to deliver malicious downloads has been identified by cybersecurity researchers.…

Cyber Security

Ransomware Actor Deletes Data and Backups Post-Exfiltration on Azure

Team-CWDSeptember 11, 2025

A threat actor has destroyed data and backups following exfiltration in a victim’s Microsoft Azure environment in a novel cloud-based…

Cyber Security

Salesloft Attacks Target Google Workspace

Team-CWDSeptember 11, 2025

A recently discovered supply chain attack campaign targeting Salesforce data via the Salesloft Drift app is more extensive than at…

Cyber Security

Zscaler Customer Info Taken in Salesloft Breach

Team-CWDSeptember 11, 2025

Zscaler has revealed itself as the latest corporate victim of a major supply chain campaign targeting Salesforce customer data. The…

Cyber Security

Azure AD Credentials Exposed in Public App Settings File

Team-CWDSeptember 11, 2025

A cybersecurity assessment has uncovered a serious vulnerability involving Azure Active Directory (Azure AD). Resecurity’s HUNTER Team discovered that application…

Cyber Security

61% of US Companies Hit by Insider Data Breaches

Team-CWDSeptember 11, 2025

Nearly two-thirds (61%) of US firms have suffered from insider data breaches in the past two years, according to a…

Cyber Security

Malicious npm Code Reached 10% of Cloud Environments

Team-CWDSeptember 11, 2025

Security experts have warned that a newly discovered supply chain attack targeting npm packages is still active and may already have…

Cyber Security

Cursor Autorun Flaw Lets Repositories Execute Code Without Consent

Team-CWDSeptember 10, 2025

A newly disclosed flaw in the Cursor extension allows repositories to automatically execute code when a folder is opened, even…

What's Hot

NIST Limits CVE Enrichment After 263% Surge in Vulnerability Submissions

Operation PowerOFF Seizes 53 DDoS Domains, Exposes 3 Million Criminal Accounts

Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation

Browsing: Cyber Security

Two Zero-Days Among Patch Tuesday CVEs This Month

Attacker “Patches” Vulnerability Post Exploitation to Lock Out Competi

Phishing Campaign Uses UpCrypter to Deploy Remote Access Tools

Ransomware Actor Deletes Data and Backups Post-Exfiltration on Azure

Salesloft Attacks Target Google Workspace

Zscaler Customer Info Taken in Salesloft Breach

Azure AD Credentials Exposed in Public App Settings File

61% of US Companies Hit by Insider Data Breaches

Malicious npm Code Reached 10% of Cloud Environments

Cursor Autorun Flaw Lets Repositories Execute Code Without Consent

North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels

macOS Stealer Campaign Uses “Cracked” App Lures to Bypass Apple Securi

Why SOC Burnout Can Be Avoided: Practical Steps

Cyber M&A Roundup: Cyber Giants Strengthen AI Security Offerings

Why the Identity Security Fabric is Essential for Securing AI and Non-Human Identities

Most Popular

North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels

macOS Stealer Campaign Uses “Cracked” App Lures to Bypass Apple Securi

Why SOC Burnout Can Be Avoided: Practical Steps

Our Picks

Don’t let “back to school” become “back to bullying”

In memoriam: David Harley

Why that next data breach alert could be a trap

Subscribe to Updates

What's Hot

Browsing: Cyber Security

Subscribe to Updates