DPRK Uses Microsoft Zero-Day in No-Click Toast Attacks
The "Code-on-Toast" supply chain cyberattacks by APT37 delivered data-stealing malware to users in South Korea who had enabled Toast pop-up…
Elon Musk wants a robot in every home; here’s how to ensure they don’t kill us all
It’s been clear for a while that mass robotics are coming — and nothing short of a catastrophe will make…
Iranian hackers now exploit Windows flaw to elevate privileges
The Iranian state-sponsored hacking group APT34, aka OilRig, has recently escalated its activities with new campaigns targeting government and critical infrastructure…
Microsoft, DOJ Dismantle Russian Hacker Group Star Blizzard
The successful disruption of notorious Russian hacker group Star Blizzard's operations arrives one month out from the US presidential election…
North Korea’s ‘Stonefly’ APT Swarms US Private Co’s. for Profit
Despite a $10 million bounty on one member, APT45 is not slowing down, pivoting from intelligence gathering to extorting funds…
FIN7 hackers launch deepfake nude “generator” sites to spread malware
The notorious APT hacking group known as FIN7 launched a network of fake AI-powered deepnude generator sites to infect visitors with…
Cybersecurity In Critical Infrastructure: Protecting Power Grids and Smart Grids
Infrastructure like water system, supply system, telecommunication networks, and power plants are critical assets for any country in that the…
Citrine Sleet Poisons PyPI Packages With Mac & Linux Malware
A North Korean advanced persistent threat (APT) actor (aka Gleaming Pisces) tried to sneak simple backdoors into public software packages.
Zero-Click RCE Bug in macOS Calendar Exposes iCloud Data
A researcher bypassed the Calendar sandbox, Gatekeeper, and TCC in a chain attack that allowed for wanton theft of iCloud…
CISA warns of Windows flaw used in infostealer malware attacks
CISA has ordered U.S. federal agencies to secure their systems against a recently patched Windows MSHTML spoofing zero-day bug exploited by the…