How One Bad Password Ended a 158-Year-Old Business
Most businesses don’t make it past their fifth birthday – studies show that roughly 50% of small businesses fail within the first five […]
New YiBackdoor Malware Shares Major Code Overlaps with IcedID and Latrodectus
Cybersecurity researchers have disclosed details of a new malware family dubbed YiBackdoor that has been found to share “significant” source code overlaps […]
Two New Supermicro BMC Bugs Allow Malicious Firmware to Evade Root of Trust Security
Cybersecurity researchers have disclosed details of two security vulnerabilities impacting Supermicro Baseboard Management Controller (BMC) firmware that could potentially allow attackers to […]
Eurojust Arrests 5 in €100M Cryptocurrency Investment Fraud Spanning 23 Countries
Law enforcement authorities in Europe have arrested five suspects in connection with an “elaborate” online investment fraud scheme that stole more than […]
U.S. Secret Service Seizes 300 SIM Servers, 100K Cards Threatening U.S. Officials Near UN
The U.S. Secret Service on Tuesday said it took down a network of electronic devices located across the New York tri-state area […]
BadIIS Malware Spreads via SEO Poisoning — Redirects Traffic, Plants Web Shells
Cybersecurity researchers are calling attention to a search engine optimization (SEO) poisoning campaign likely undertaken by a Chinese-speaking threat actor using a […]
SolarWinds Releases Hotfix for Critical CVE-2025-26399 Remote Code Execution Flaw
SolarWinds has released hot fixes to address a critical security flaw impacting its Web Help Desk software that, if successfully exploited, could […]
Lean Teams, Higher Stakes: Why CISOs Must Rethink Incident Remediation
Big companies are getting smaller, and their CEOs want everyone to know it. Wells Fargo has cut its workforce by 23% over […]
ShadowV2 Botnet Exploits Misconfigured AWS Docker Containers for DDoS-for-Hire Service
Cybersecurity researchers have disclosed details of a new botnet that customers can rent access to conduct distributed denial-of-service (DDoS) attacks against targets […]
GitHub Mandates 2FA and Short-Lived Tokens to Strengthen npm Supply Chain Security
GitHub on Monday announced that it will be changing its authentication and publishing options “in the near future” in response to a […]
ComicForm and SectorJ149 Hackers Deploy Formbook Malware in Eurasian Cyberattacks
Organizations in Belarus, Kazakhstan, and Russia have emerged as the target of a phishing campaign undertaken by a previously undocumented hacking group […]
⚡ Weekly Recap: Chrome 0-Day, AI Hacking Tools, DDR5 Bit-Flips, npm Worm & More
The security landscape now moves at a pace no patch cycle can match. Attackers aren’t waiting for quarterly updates or monthly fixes—they […]