Tuesday, May 6, 2025

cyber security

Researchers Turned Azure Storage Wildcards into a Stealthy Internal SOCKS5 Backdoor

Security researchers at Quarkslab have developed a new covert channel technique that exploits Microsoft's recommended Azure Storage firewall configurations to bypass network restrictions. Their...

Cybercriminals Trick Tenants into Sending Rent to Fraudulent Accounts

Proofpoint, a leading cybersecurity firm, has identified and named a new financially motivated Business Email Compromise (BEC) threat actor, dubbed TA2900, actively targeting individuals...

New WordPress Malware Disguised as Anti-Malware Plugin Takes Full Control of Websites

The Wordfence Threat Intelligence team has identified a new strain of WordPress malware that masquerades as a legitimate plugin, often named 'WP-antymalwary-bot.php.' First detected...

Ruby on Rails Vulnerability Allows CSRF Protection Bypass

A critical vulnerability in Ruby on Rails' Cross-Site Request Forgery (CSRF) protection mechanism has been identified, affecting all versions since the 2022/2023 "fix" and...

Over 90% of Cybersecurity Leaders Worldwide Report Cloud-Targeted Cyberattacks

A groundbreaking report from Rubrik Zero Labs, titled The State of Data Security: A Distributed Crisis, reveals a staggering reality for global IT and...

Anthropic Report Reveals Growing Risks from Misuse of Generative AI Misuse

A recent threat report from Anthropic, titled “Detecting and Countering Malicious Uses of Claude: March 2025,” published on April 24, has shed light on...

Incident Response Playbooks – What Every CISO Should Have Ready

The Security Operations Center (SOC) is the nerve center of modern cybersecurity, responsible for detecting, analyzing, and responding to threats 24/7. However, the relentless...

Researchers Exploit OAuth Misconfigurations to Gain Unrestricted Access to Sensitive Data

A security researcher has uncovered a serious vulnerability resulting from incorrectly configured OAuth2 credentials in a startling discovery from a recent YesWeHack bug reward...