Hacker infects 18,000 “script kiddies” with fake malware builder
A threat actor targeted low-skilled hackers, known as "script kiddies," with a fake malware builder that secretly infected them with…
Will 2025 See a Rise of NHI Attacks?
The flurry of non-human identity attacks at the end of 2024 demonstrates extremely strong momentum heading into the new year.…
Mandatory MFA, Biometrics Make Headway in Middle East, Africa
Despite lagging in technology adoption, African and Middle Eastern organizations are catching up, driven by smartphone acceptance and national identity…
How Government Agencies Can Level the Cybersecurity Playing Field With AI/ML
The threat cybercriminals pose to federal information systems and networks is real and pervasive. Defending against unauthorized intrusions is a…
Malicious PyPi package steals Discord auth tokens from devs
A malicious package named 'pycord-self' on the Python package index (PyPI) targets Discord developers to steal authentication tokens and plant a…
Microsoft fixes Office 365 apps crashing on Windows Server systems
Microsoft has fixed a known issue that caused Microsoft 365 applications and Classic Outlook to crash on Windows Server 2016 or…
WP3.XYZ malware attacks add rogue admins to 5,000+ WordPress sites
A new malware campaign has compromised more than 5,000 WordPress sites to create admin accounts, install a malicious plugin, and steal…
SonicWall urges admins to patch exploitable SSLVPN bug immediately
SonicWall is emailing customers urging them to upgrade their firewall's SonicOS firmware to patch an authentication bypass vulnerability in SSL VPN…
Hackers exploit KerioControl firewall flaw to steal admin CSRF tokens
Hackers are trying to exploit CVE-2024-52875, a critical CRLF injection vulnerability that leads to 1-click remote code execution (RCE) attacks in…
Cryptocurrency wallet drainers stole $494 million in 2024
Scammers stole $494 million worth of cryptocurrency in wallet drainer attacks last year that targeted more than 300,000 wallet addresses.…