Cyber Attack
Verizon DBIR Report: Small Businesses Identified as Key Targets in Ransomware Attacks
Verizon Business's 2025 Data Breach Investigations Report (DBIR), released on April 24, 2025, paints a stark picture of the cybersecurity landscape, drawing from an analysis of over 22,000 security...
APT
Lazarus APT Targets Organizations by Exploiting One-Day Vulnerabilities
A recent cyber espionage campaign by the notorious Lazarus Advanced Persistent Threat (APT) group, tracked as "Operation SyncHole," has compromised at least six South...
Cyber Attack
ToyMaker Hackers Compromise Numerous Hosts via SSH and File Transfer Tools
In a alarming cybersecurity breach uncovered by Cisco Talos in 2023, a critical infrastructure enterprise fell victim to a meticulously orchestrated attack involving multiple...
cryptocurrency
Threat Actors Exploiting Unsecured Kubernetes Clusters for Crypto Mining
In a startling revelation from Microsoft Threat Intelligence, threat actors are increasingly targeting unsecured Kubernetes clusters to conduct illicit activities such as cryptomining.
The...
cyber security
New Steganography Campaign Exploits MS Office Vulnerability to Distribute AsyncRAT
A recently uncovered cyberattack campaign has brought steganography back into the spotlight, showcasing the creative and insidious methods attackers employ to deliver malware.
This...
cyber security
Hackers Exploit Ivanti Connect Secure 0-Day to Deploy DslogdRAT and Web Shell
Threat actors exploited a zero-day vulnerability in Ivanti Connect Secure, identified as CVE-2025-0282, to deploy malicious tools including a web shell and a sophisticated...
cyber security
Weaponized SVG Files Used by Threat Actors to Redirect Users to Malicious Sites
Cybercriminals are increasingly weaponizing Scalable Vector Graphics (SVG) files to orchestrate sophisticated phishing campaigns.
According to research from Intezer, a cybersecurity firm that triages millions...
cyber security
Google Warns: Threat Actors Growing More Sophisticated, Exploiting Zero-Day Vulnerabilities
Google’s Mandiant team has released its M-Trends 2025 report, highlighting the increasing sophistication of threat actors, particularly China-nexus groups.
These adversaries are deploying custom malware...
AI
Critical Langflow Flaw Enables Malicious Code Injection – Technical Breakdown Released
A critical remote code execution (RCE) vulnerability, identified as CVE-2025-3248 with a CVSS score of 9.8, has been uncovered in Langflow, an open-source platform...
Cyber Attack
Hackers Exploit NFC Technology to Steal Money from ATMs and POS Terminals
In a disturbing trend, cybercriminals, predominantly from Chinese underground networks, are exploiting Near Field Communication (NFC) technology to perpetrate large-scale fraud at ATMs and...
Cyber Attack
Threat Actors Leverage TAG-124 Infrastructure to Deliver Malicious Payloads
In a concerning trend for cybersecurity, multiple threat actors, including ransomware groups and state-sponsored entities, are utilizing a malicious traffic distribution system (TDS) known...