Emerging Threats & Vulnerabilities to Prepare for in 2025
From zero-day exploits to 5G network vulnerabilities, these are the threats that are expected to persist over the next 12…
DDoS Attacks Surge as Africa Expands Its Digital Footprint
As organizations on the continent expand their use of digital technologies, they increasingly face many of the same threats that…
Middle East Cyberwar Rages On, With No End in Sight
Since October 2023, cyberattacks among countries in the Middle East have persisted, fueled by the conflict between Israel and Hamas,…
Thai Police Systems Under Fire From ‘Yokai’ Backdoor
Hackers are abusing legitimate Windows utilities to target Thai law enforcement with a novel malware that is a mix of…
Governments, Telcos Ward Off China’s Hacking Typhoons
Infiltrating other nations' telecom networks is a cornerstone of China's geopolitical strategy, and it's having the unintended consequence of driving…
Actively Exploited Zero-Day, Critical RCEs Lead Microsoft Patch Tuesday
The zero-day (CVE-2024-49138), plus a worryingly critical unauthenticated RCE security vulnerability (CVE-2024-49112), are unwanted gifts for security admins this season.
Russia’s ‘BlueAlpha’ APT Hides in Cloudflare Tunnels
Cloudflare Tunnels is just the latest legitimate cloud service that cybercriminals and state-sponsored threat actors are abusing to hide their…
Sneaky Skimmer Malware Targets Magento Sites Ahead of Black Friday
A stealthy JavaScript injection attack steals data from the checkout page of sites, either by creating a fake credit card…
‘RomCom’ APT Mounts Zero-Day, Zero-Click Browser Escapes in Firefox, Tor
The innocuously named Russian-sponsored cyber threat actor has combined critical and serious vulnerabilities in Windows and Firefox products in a…
Salt Typhoon Builds Out Malware Arsenal With GhostSpider
The APT, aka Earth Estries, is one of China's most effective threat actors, performing espionage for sometimes years on end…