Axios Abuse and Salty 2FA Kits Fuel Advanced Microsoft 365 Phishing Attacks
Threat actors are abusing HTTP client tools like Axios in conjunction with Microsoft’s Direct Send feature to form a “highly…
TOR-Based Cryptojacking Attack Expands Through Misconfigured Docker APIs
Cybersecurity researchers have discovered a variant of a recently disclosed campaign that abuses the TOR network for cryptojacking attacks targeting…
From MostereRAT to ClickFix: New Malware Campaigns Highlight Rising AI and Phishing Risks
Cybersecurity researchers have disclosed details of a phishing campaign that delivers a stealthy banking malware-turned-remote access trojan called MostereRAT. The…
GPUGate Malware Uses Google Ads and Fake GitHub Commits to Target IT Firms
Cybersecurity researchers have detailed a new sophisticated malware campaign that leverages paid ads on search engines like Google to deliver…
⚡ Weekly Recap: Drift Breach Chaos, Zero-Days Active, Patch Warnings, Smarter Threats & More
Cybersecurity never slows down. Every week brings new threats, new vulnerabilities, and new lessons for defenders. For security and IT…
You Didn’t Get Phished — You Onboarded the Attacker
When Attackers Get Hired: Today’s New Identity Crisis What if the star engineer you just hired isn’t actually an employee,…
Noisy Bear Targets Kazakhstan Energy Sector With BarrelFire Phishing Campaign
A threat actor possibly of Russian origin has been attributed to a new set of attacks targeting the energy sector…
CISA Orders Immediate Patch of Critical Sitecore Vulnerability Under Active Exploitation
Federal Civilian Executive Branch (FCEB) agencies are being advised to update their Sitecore instances by September 25, 2025, following the…
SAP S/4HANA Critical Vulnerability CVE-2025-42957 Exploited in the Wild
A critical security vulnerability impacting SAP S/4HANA, an Enterprise Resource Planning (ERP) software, has come under active exploitation in the…
Automation Is Redefining Pentest Delivery
Pentesting remains one of the most effective ways to identify real-world security weaknesses before adversaries do. But as the threat…