Zero-Click AI Vulnerability Exposes Microsoft 365 Copilot Data Without User Interaction
A novel attack technique named EchoLeak has been characterized as a "zero-click"…
Ransomware Gangs Exploit Unpatched SimpleHelp Flaws to Target Victims with Double Extortion
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday disclosed that…
Ransomware Gangs Use Skitnet Malware for Stealthy Data Theft and Remote Access
May 19, 2025Ravie LakshmananRansomware / Malware Several ransomware actors are using a…
Malicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attack
May 03, 2025Ravie LakshmananSupply Chain Attack / Malware Cybersecurity researchers have discovered…
MintsLoader Drops GhostWeaver via Phishing, ClickFix — Uses DGA, TLS for Stealth Attacks
May 02, 2025Ravie LakshmananMalware / Threat Intelligence The malware loader known as…
Researchers Demonstrate How MCP Prompt Injection Can Be Used for Both Attack and Defense
Apr 30, 2025Ravie LakshmananArtificial Intelligence / Email Security As the field of…
ResolverRAT Campaign Targets Healthcare, Pharma via Phishing and DLL Side-Loading
Cybersecurity researchers have discovered a new, sophisticated remote access trojan called ResolverRAT…
Google Fixed Cloud Run Vulnerability Allowing Unauthorized Image Access via IAM Misuse
Apr 02, 2025Ravie LakshmananCloud Security / Vulnerability Cybersecurity researchers have disclosed details…
FIN7 Deploys Anubis Backdoor to Hijack Windows Systems via Compromised SharePoint Sites
Apr 02, 2025Ravie LakshmananRansomware / Email Security The financially motivated threat actor…