LATEST

UAT-8837 Hackers Target Organizations Using Open-Source Tools to Steal Sensitive Data

UAT-8837 is a suspected China-nexus advanced persistent threat (APT) group that the researcher has identified This article explores exploited uat 8837. . Its primary goal is to obtain init

Predator Spyware Sample Indicates 'Vendor-Controlled' C2

For a long time, commercial spyware vendors have defended their companies by arguing that they sell their products to government agencies in support of national security and law enforcemen

New Malware Targets 200,000+ U.S. Bank Employees to Steal Login Credentials

A sophisticated keylogger attack that targeted the employee store of one of the biggest banks in America has been discovered by cybersecurity researchers, putting over 200,000 employees at

New AWS Console Supply Chain Attack Sees Hackers Hijack AWS GitHub Repositories

Researchers have discovered CodeBreach, a serious flaw that allows the full takeover of important AWS GitHub repositories, endangering the AWS Console supply chain This article explores sd

LOTUSLITE Backdoor Targets U.S. Policy Entities Using Venezuela-Themed Spear Phishing

Security experts have revealed information about a new campaign that uses politically themed lures to deliver a backdoor known as LOTUSLITE to U.S. government and policy entities. The targ

Cisco Patches Zero-Day RCE Exploited by China-Linked APT in Secure Email Gateways

Almost a month after the company revealed that a China-nexus advanced persistent threat (APT) actor codenamed UAT-9686 had exploited a maximum-severity security flaw affecting Cisco AsyncO

APT Associated with China Uses Sitecore Zero-Day to Attack American Critical Infrastructure

Since at least last year, critical infrastructure sectors in North America have been the target of a threat actor that is probably affiliated with China This article explores ttps uat 8837

Azure Identity Token Vulnerability Enables Windows Admin Center Tenant-Wide Compromise

Attackers with local administrator access were able to circumvent authentication procedures and obtain unauthorized access to any machine within the same Azure tenant due to a critical vul

ThreatsDay Bulletin: AI Voice Cloning Exploit, Wi-Fi Kill Switch, PLC Vulns, and 14 More Stories

There is never a quiet moment on the internet This article explores apple intelligence uphold. . There are new security issues, scams, and hacks every week.

The stories this week de

Model Security Is the Wrong Frame – The Real Risk Is Workflow Security

Security teams continue to concentrate on safeguarding the models themselves even as AI copilots and assistants are integrated into daily tasks This article explores safeguarding models ai