Amazon Disrupts APT29 Watering Hole Campaign Abusing Microsoft Device Code Authentication
Aug 29, 2025Ravie LakshmananThreat Intelligence / Malware Amazon on Friday said it…
Attackers Abuse Velociraptor Forensic Tool to Deploy Visual Studio Code for C2 Tunneling
Cybersecurity researchers have called attention to a cyber attack in which unknown…
Learn How to Unite Dev, Sec, and Ops Teams With One Shared Playbook
Aug 29, 2025The Hacker NewsCloud Security / Generative AI Picture this: Your…
Storm-0501 Exploits Entra ID to Exfiltrate and Delete Azure Data in Hybrid Cloud Attacks
The financially motivated threat actor known as Storm-0501 has been observed refining…
Salesloft OAuth Breach via Drift AI Chat Agent Exposes Salesforce Customer Data
Aug 27, 2025Ravie LakshmananCloud Security / Threat Intelligence A widespread data theft…
Citrix Patches Three NetScaler Flaws, Confirms Active Exploitation of CVE-2025-7775
Aug 26, 2025Ravie LakshmananVulnerability / Remote Code Execution Citrix has released fixes…
MixShell Malware Delivered via Contact Forms Targets U.S. Supply Chain Manufacturers
Cybersecurity researchers are calling attention to a sophisticated social engineering campaign that's…
UNC6384 Deploys PlugX via Captive Portal Hijacks and Valid Certificates Targeting Diplomats
Aug 25, 2025Ravie LakshmananMalware / Cyber Espionage A China-nexus threat actor known…
Insights from 160 Million Attack Simulations
Security Information and Event Management (SIEM) systems act as the primary tools…