Silver Fox exploited a Microsoft-signed WatchDog driver in May 2025 to bypass defenses, deploy ValleyRAT, and enable fraud.

FDN3 brute-force attacks peaked July 6–8, 2025, tied to Seychelles bulletproof hosts enabling ransomware entry.

The path forward is to govern it intelligently, rather than block it. Shadow AI discovery gives CISOs the visibility they need to protect sensitive data, meet regulatory requirements, and empower ...

Here’s this week’s cybersecurity recap in plain terms, built for leaders and practitioners who need the signal, not the noise ...

Cybersecurity researchers are calling attention to a new shift in the Android malware landscape where dropper apps, which are ...

The package, named nodejs-smtp, impersonates the legitimate email library nodemailer with an identical tagline, page styling, and README descriptions, attracting a total of 347 downloads since it was ...

ServiceNow integrates XM Cyber attack graphing, adding a fourth risk dimension to prioritize exposures and protect critical ...

Over 80% of security incidents stem from browser-based apps, with Scattered Spider exploiting sessions and APIs.

ScarCruft’s Operation HanKook Phantom uses RokRAT malware in spear-phishing campaigns, targeting South Korean academics for espionage.

Amazon disrupted APT29’s June 2025 campaign exploiting Microsoft device code authentication, redirecting 10% of visitors to ...

Passwordstate 9.9 fixes authentication bypass flaw on August 28, 2025, adding clickjacking defenses for 29,000 customers.

Nx supply chain attack on Aug 26, 2025 leaked 2,349 secrets via npm packages, risking GitHub and cloud accounts.