Noisy Bear Targets Kazakhstan Energy Sector With BarrelFire Phishing Campaign
A threat actor possibly of Russian origin has been attributed to a…
TAG-150 Develops CastleRAT in Python and C, Expanding CastleLoader Malware Operations
The threat actor behind the malware-as-a-service (MaaS) framework and loader called CastleLoader…
CISA Orders Immediate Patch of Critical Sitecore Vulnerability Under Active Exploitation
Federal Civilian Executive Branch (FCEB) agencies are being advised to update their…
SAP S/4HANA Critical Vulnerability CVE-2025-42957 Exploited in the Wild
Sep 05, 2025Ravie LakshmananVulnerability / Enterprise Security A critical security vulnerability impacting…
Cybercriminals Exploit X’s Grok AI to Bypass Ad Protections and Spread Malware to Millions
Sep 04, 2025Ravie LakshmananArtificial Intelligence / Malware Cybersecurity researchers have flagged a…
Detecting Data Leaks Before Disaster
In January 2025, cybersecurity experts at Wiz Research found that Chinese AI…
Threat Actors Weaponize HexStrike AI to Exploit Citrix Flaws Within a Week of Disclosure
Sep 03, 2025Ravie LakshmananArtificial Intelligence / Vulnerability Threat actors are attempting to…
CISA Adds TP-Link and WhatsApp Flaws to KEV Catalog Amid Active Exploitation
Sep 03, 2025Ravie LakshmananVulnerability / Mobile Security The U.S. Cybersecurity and Infrastructure…
Lazarus Group Expands Malware Arsenal With PondRAT, ThemeForestRAT, and RemotePE
Sep 02, 2025Ravie LakshmananMalware / Threat Intelligence The North Korea-linked threat actor…