Microsoft has discovered a new remote access trojan (RAT) that employs “sophisticated techniques” to avoid detection, ensure persistence, and extract sensitive information data. […] Go to Source Author: Sergiu Gatlan
Category Archives: Security
OKX Web3 has decided to suspend its DEX aggregator services to implement security upgrades following reports of abuse by the notorious North Korean Lazarus hackers, who recently conducted a $1.5 billion crypto heist. […] Go to Source Author: Bill Toulas
A supply chain attack on the widely used ‘tj-actions/changed-files’ GitHub Action, used by 23,000 repositories, potentially allowed threat actors to steal CI/CD secrets from GitHub Actions build logs. […] Go to Source Author: Bill Toulas
Ransomware has become a significant hazard to enterprises globally, with attackers evolving their methods to cause more disruption and demand higher payouts. For business owners and leaders, staying ahead of these threats is critical to protecting their organizations. Below, we’ll explore the current trends in ransomware and the measures businesses can take to bolster their […]
Ransomware continues to be one of the most disruptive threats that businesses face. What was once simply a method to encrypt files and demand a ransom has now evolved into far more sophisticated and damaging operations, exacerbating risks for organizations of all sizes. This article explores the current trends in ransomware and how businesses can […]
Ransomware has become one of the most persistent cyberthreats, affecting organizations of all sizes across the globe. These attacks, which hold data hostage in exchange for payment, are evolving rapidly as attackers adopt new tactics that leave businesses scrambling to respond. For business owners and leaders, understanding the current state of ransomware is crucial for […]
A critical remote code execution (RCE) vulnerability in Apache Tomcat tracked as CVE-2025-24813 is actively exploited in the wild, enabling attackers to take over servers with a simple PUT request. […] Go to Source Author: Bill Toulas
A widespread phishing campaign has targeted nearly 12,000 GitHub repositories with fake “Security Alert” issues, tricking developers into authorizing a malicious OAuth app that grants attackers full control over their accounts and code. […] Go to Source Author: Lawrence Abrams
Cybercriminals are promoting malicious Microsoft OAuth apps that masquerade as Adobe and DocuSign apps to deliver malware and steal Microsoft 365 accounts credentials. […] Go to Source Author: Bill Toulas
Security researcher Yohanes Nugroho has released a decryptor for the Linux variant of Akira ransomware, which utilizes GPU power to retrieve the decryption key and unlock files for free. […] Go to Source Author: Bill Toulas