40 npm Packages Compromised in Supply Chain Attack Using bundle.js to Steal Credentials
Cybersecurity researchers have flagged a fresh software supply chain attack targeting the npm registry that has affected more than 40…
Mustang Panda Deploys SnakeDisk USB Worm to Deliver Yokai Backdoor on Thailand IPs
The China-aligned threat actor known as Mustang Panda has been observed using an updated version of a backdoor called TONESHELL…
FBI Warns of UNC6040 and UNC6395 Targeting Salesforce Platforms in Data Theft Attacks
The U.S. Federal Bureau of Investigation (FBI) has issued a flash alert to release indicators of compromise (IoCs) associated with…
Samsung Fixes Critical Zero-Day CVE-2025-21043 Exploited in Android Attacks
Samsung has released its monthly security updates for Android, including a fix for a security vulnerability that it said has…
Cloud-Native Security in 2025: Why Runtime Visibility Must Take Center Stage
The security landscape for cloud-native applications is undergoing a profound transformation. Containers, Kubernetes, and serverless technologies are now the default…
Fake Madgicx Plus and SocialMetrics Extensions Are Hijacking Meta Business Accounts
Cybersecurity researchers have disclosed two new campaigns that are serving fake browser extensions using malicious ads and fake websites to…
Cracking the Boardroom Code: Helping CISOs Speak the Language of Business
CISOs know their field. They understand the threat landscape. They understand how to build a strong and cost-effective security stack….
AsyncRAT Exploits ConnectWise ScreenConnect to Steal Credentials and Crypto
Cybersecurity researchers have disclosed details of a new campaign that leverages ConnectWise ScreenConnect, a legitimate Remote Monitoring and Management (RMM)…
Microsoft Fixes 80 Flaws — Including SMB PrivEsc and Azure CVSS 10.0 Bugs
Microsoft on Tuesday addressed a set of 80 security flaws in its software, including one vulnerability that has been disclosed…
The Time-Saving Guide for Service Providers: Automating vCISO and Compliance Services
Introduction Managed service providers (MSPs) and managed security service providers (MSSPs) are under increasing pressure to deliver strong cybersecurity outcomes…