UNC5221 Uses BRICKSTORM Backdoor to Infiltrate U.S. Legal and Technology Sectors
Companies in the legal services, software-as-a-service (SaaS) providers, Business Process Outsourcers (BPOs),…
Chinese Hackers RedNovember Target Global Governments Using Pantegana and Cobalt Strike
Sep 24, 2025Ravie LakshmananVulnerability / Network Security A suspected cyber espionage activity…
Hackers Exploit Pandoc CVE-2025-51591 to Target AWS IMDS and Steal EC2 IAM Credentials
Cloud security company Wiz has revealed that it uncovered in-the-wild exploitation of…
Two New Supermicro BMC Bugs Allow Malicious Firmware to Evade Root of Trust Security
Sep 23, 2025Ravie LakshmananFirmware Security / Vulnerability Cybersecurity researchers have disclosed details…
SolarWinds Releases Hotfix for Critical CVE-2025-26399 Remote Code Execution Flaw
Sep 23, 2025Ravie LakshmananVulnerability / Data Security SolarWinds has released hot fixes…
ComicForm and SectorJ149 Hackers Deploy Formbook Malware in Eurasian Cyberattacks
Organizations in Belarus, Kazakhstan, and Russia have emerged as the target of…
How to Gain Control of AI Agents and Non-Human Identities
We hear this a lot: "We've got hundreds of service accounts and…
Fortra Releases Critical Patch for CVSS 10.0 GoAnywhere MFT Vulnerability
Sep 19, 2025Ravie LakshmananVulnerability / Threat Intelligence Fortra has disclosed details of…
DPRK Hackers Use ClickFix to Deliver BeaverTail Malware in Crypto Job Scams
Threat actors with ties to the Democratic People's Republic of Korea (aka…