Coinbase was primary target of recent GitHub Actions breaches
Researchers have determined that Coinbase was the primary target in a recent GitHub Actions cascading supply chain attack that compromised…
Ransomware gang creates tool to automate VPN brute-force attacks
The Black Basta ransomware operation created an automated brute-forcing framework dubbed 'BRUTED' to breach edge networking devices like firewalls and…
EncryptHub breaches 618 orgs to deploy infostealers, ransomware
A threat actor tracked as 'EncryptHub,' aka Larva-208, has been targeting organizations worldwide with spear-phishing and social engineering attacks to gain access…
New Auto-Color Linux backdoor targets North American govts, universities
A previously undocumented Linux backdoor dubbed 'Auto-Color' was observed in attacks between November and December 2024, targeting universities and government…
CISA flags Craft CMS code injection flaw as exploited in attacks
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) warns that a Craft CMS remote code execution flaw is being exploited…
Patch Now: CISA Warns of Palo Alto Flaw Exploited in the Wild
The authentication bypass vulnerability in the OS for the company's firewall devices is under increasing attack and being chained with…
Massive brute force attack uses 2.8 million IPs to target VPN devices
A large-scale brute force password attack using almost 2.8 million IP addresses is underway, attempting to guess the credentials for…
Why Cybersecurity Needs Probability — Not Predictions
While probabilities may be based on subjective information, when used in an objective framework, they demonstrate an effective way to…
Cyber agencies share security guidance for network edge devices
Five Eyes cybersecurity agencies in the UK, Australia, Canada, New Zealand, and the U.S. have issued guidance urging makers of…
Cybersecurity’s Broken Model: The Cost of Overcomplication and Underperformance
Cybersecurity is in need of a reckoning. Global cybersecurity spend reached a record $79.2 billion in 2023 and is expected…