Chinese Threat Actors Exploit ToolShell SharePoint Flaw Weeks After Microsoft’s July Patch
Threat actors with ties to China exploited the ToolShell security vulnerability in Microsoft SharePoint to breach a telecommunications company in the Middle […]
Bridging the Remediation Gap: Introducing Pentera Resolve
From Detection to Resolution: Why the Gap Persists A critical vulnerability is identified in an exposed cloud asset. Within hours, five different […]
Fake Nethereum NuGet Package Used Homoglyph Trick to Steal Crypto Wallet Keys
Cybersecurity researchers have uncovered a new supply chain attack targeting the NuGet package manager with malicious typosquats of Nethereum, a popular Ethereum […]
Why You Should Swap Passwords for Passphrases
The advice didn’t change for decades: use complex passwords with uppercase, lowercase, numbers, and symbols. The idea is to make passwords harder […]
Researchers Identify PassiveNeuron APT Using Neursite and NeuralExecutor Malware
Government, financial, and industrial organizations located in Asia, Africa, and Latin America are the target of a new campaign dubbed PassiveNeuron, according […]
TP-Link Patches Four Omada Gateway Flaws, Two Allow Remote Code Execution
TP-Link has released security updates to address four security flaws impacting Omada gateway devices, including two critical bugs that could result in […]
Google Identifies Three New Russian Malware Families Created by COLDRIVER Hackers
A new malware attributed to the Russia-linked hacking group known as COLDRIVER has undergone numerous developmental iterations since May 2025, suggesting an […]
Hackers Used Snappybee Malware and Citrix Flaw to Breach European Telecom Network
A European telecommunications organization is said to have been targeted by a threat actor that aligns with a China-nexus cyber espionage group […]
Meta Rolls Out New Tools to Protect WhatsApp and Messenger Users from Scams
Meta on Tuesday said it’s launching new tools to protect Messenger and WhatsApp users from potential scams. To that end, the company […]
PolarEdge Targets Cisco, ASUS, QNAP, Synology Routers in Expanding Botnet Campaign
Cybersecurity researchers have shed light on the inner workings of a botnet malware called PolarEdge. PolarEdge was first documented by Sekoia in […]
Securing AI to Benefit from AI
Artificial intelligence (AI) holds tremendous promise for improving cyber defense and making the lives of security practitioners easier. It can help teams […]
Five New Exploited Bugs Land in CISA’s Catalog — Oracle and Microsoft Among Targets
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added five security flaws to its Known Exploited Vulnerabilities (KEV) Catalog, officially […]