Latest cybersecurity news, threat intelligence, vulnerability disclosures and security research from our expert team.
A new campaign by the Russia-linked threat actor APT28, also known as Forest Blizzard, has been discovered targeting small office/home office routers globally to conduct DNS hijacking attacks, intercepting traffic to critical infrastructure targets.
Read Full ArticleA critical security vulnerability in Marimo, an open-source Python notebook for data science and analysis, has been actively exploited within just 10 hours of public disclosure, highlighting the growing speed of weaponization.
Read Full ArticleA recently patched security vulnerability in the EngageLab SDK, a widely used third-party Android software development kit, has exposed approximately 50 million users to potential data theft and unauthorized access.
Read Full ArticleUnknown threat actors have hijacked the update system for the Smart Slider 3 Pro plugin for WordPress, distributing a backdoored version to thousands of websites through compromised Nextend update servers.
Read Full ArticleThe cybersecurity landscape is constantly evolving, with new threats emerging every week. This week features the emergence of a sophisticated hybrid P2P botnet and active exploitation of a 13-year-old Apache vulnerability.
Read Full ArticleA new and largely unaddressed threat is emerging in the realm of AI security: AI browser extensions. While the discussion on AI security often focuses on shadow AI, these extensions present a unique risk to enterprise environments.
Read Full ArticleGoogle has announced the general availability of Device Bound Session Credentials (DBSC) for all Windows users of Chrome, a major step toward eliminating cookie theft attacks and improving session security.
Read Full Article