A recently patched pair of security flaws affecting Ivanti Endpoint Manager Mobile (EPMM) software has been exploited by a China-nexus threat actor to target a wide range of sectors across Europe, North America, and the Asia-Pacific region.
The vulnerabilities, tracked as CVE-2025-4427 (CVSS score: 5.3) and CVE-2025-4428 (CVSS score: 7.2), could be chained to execute arbitrary code on aView the full article
It’s not enough to be secure. In today’s legal climate, you need to prove it.
Whether you’re protecting a small company or managing compliance across a global enterprise, one thing is clear: cybersecurity can no longer be left to guesswork, vague frameworks, or best-effort intentions.
Regulators and courts are now holding organizations accountable for how “reasonable” their security programs areView the full article
Cybersecurity researchers have uncovered multiple critical security vulnerabilities impacting the Versa Concerto network security and SD-WAN orchestration platform that could be exploited to take control of susceptible instances.
It's worth noting that the identified shortcomings remain unpatched despite responsible disclosure on February 13, 2025, prompting a public release of the issuesView the full article
For many organizations, identity security appears to be under control. On paper, everything checks out. But new research from Cerby, based on insights from over 500 IT and security leaders, reveals a different reality: too much still depends on people—not systems—to function. In fact, fewer than 4% of security teams have fully automated their core identity workflows.
Core workflows, likeView the full article
A sprawling operation undertaken by global law enforcement agencies and a consortium of private sector firms has disrupted the online infrastructure associated with a commodity information stealer known as Lumma (aka LummaC or LummaC2), seizing 2,300 domains that acted as the command-and-control (C2) backbone to commandeer infected Windows systems.
"Malware like LummaC2 is deployed to stealView the full article
Russian cyber threat actors have been attributed to a state-sponsored campaign targeting Western logistics entities and technology companies since 2022.
The activity has been assessed to be orchestrated by APT28 (aka BlueDelta, Fancy Bear, or Forest Blizzard), which is linked to the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center, Military Unit 26165.View the full article
Russian organizations have become the target of a phishing campaign that distributes malware called PureRAT, according to new findings from Kaspersky.
"The campaign aimed at Russian business began back in March 2023, but in the first third of 2025 the number of attacks quadrupled compared to the same ******* in 2024," the cybersecurity vendor said.
The attack chains, which have not beenView the full article
Counterfeit Facebook pages and sponsored ads on the social media platform are being employed to direct users to fake websites masquerading as Kling AI with the goal of tricking victims into downloading malware.
Kling AI is an artificial intelligence (AI)-powered platform to synthesize images and videos from text and image prompts. Launched in June 2024, it's developed by Kuaishou Technology,View the full article
Continuous Integration and Continuous Delivery/Deployment (CI/CD) refers to practices that automate how code is developed and released to different environments. CI/CD pipelines are fundamental in modern software development, ensuring code is consistently tested, built, and deployed quickly and efficiently.
While CI/CD automation accelerates software delivery, it can also introduce securityView the full article
It takes just one email to compromise an entire system. A single well-crafted message can bypass filters, trick employees, and give attackers the access they need. Left undetected, these threats can lead to credential theft, unauthorized access, and even full-scale breaches. As phishing techniques become more evasive, they can no longer be reliably caught by automated solutions alone.
Let’s takeView the full article
Cybersecurity researchers have discovered a new campaign that employs malicious JavaScript injections to redirect site visitors on mobile devices to a ******** adult-content Progressive Web App (PWA) scam.
"While the payload itself is nothing new (yet another adult gambling scam), the delivery method stands out," c/side researcher Himanshu Anand said in a Tuesday analysis.
"The malicious landingView the full article
Google has announced a new feature in its Chrome browser that lets its built-in Password Manager automatically change a user's password when it detects the credentials to be compromised.
"When Chrome detects a compromised password during sign in, Google Password Manager prompts the user with an option to fix it automatically," Google's Ashima Arora, Chirag Desai, and Eiji Kitamura said. "OnView the full article
A threat actor known as Hazy Hawk has been observed ********** abandoned cloud resources of high-profile organizations, including Amazon S3 buckets and Microsoft Azure endpoints, by leveraging misconfigurations in the Domain Name System (DNS) records.
The hijacked domains are then used to host URLs that direct users to scams and malware via traffic distribution systems (TDSes), according toView the full article
An unknown threat actor has been attributed to creating several malicious Chrome Browser extensions since February 2024 that masquerade as seemingly benign utilities but incorporate covert functionality to exfiltrate data, receive commands, and execute arbitrary code.
"The actor creates websites that masquerade as legitimate services, productivity tools, ad and media creation or analysisView the full article
High-level government institutions in Sri Lanka, Bangladesh, and Pakistan have emerged as the target of a new campaign orchestrated by a threat actor known as SideWinder.
"The attackers used spear phishing emails paired with geofenced payloads to ensure that only victims in specific countries received the malicious content," Acronis researchers Santiago Pontiroli, Jozsef Gegeny, and PrakasView the full article
Cybersecurity researchers have discovered risky default identity and access management (IAM) roles impacting Amazon Web Services that could open the door for attackers to escalate privileges, manipulate other AWS services, and, in some cases, even fully compromise AWS accounts.
"These roles, often created automatically or recommended during setup, grant overly broad permissions, such as full S3View the full article
In the newly released 2025 State of Pentesting Report, Pentera surveyed 500 CISOs from global enterprises (200 from within the USA) to understand the strategies, tactics, and tools they use to cope with the thousands of security alerts, the persisting breaches and the growing cyber risks they have to handle. The findings reveal a complex picture of progress, challenges, and a shifting mindsetView the full article
Threat hunters have exposed the tactics of a China-aligned threat actor called UnsolicitedBooker that targeted an unnamed international organization in Saudi Arabia with a previously undocumented ********* dubbed MarsSnake.
ESET, which first discovered the hacking group's intrusions targeting the entity in March 2023 and again a year later, said the activity leverages spear-phishing emails usingView the full article
Cybersecurity researchers are calling attention to a new Linux cryptojacking campaign that's targeting publicly accessible Redis servers.
The malicious activity has been codenamed RedisRaider by Datadog Security Labs.
"RedisRaider aggressively scans randomized portions of the IPv4 space and uses legitimate Redis configuration commands to execute malicious cron jobs on vulnerable systems,"View the full article
Cybersecurity researchers have uncovered malicious packages uploaded to the Python Package Index (PyPI) repository that act as checker tools to validate stolen email addresses against TikTok and Instagram APIs.
All three packages are no longer available on PyPI. The names of the Python packages are below -
checker-SaGaF (2,605 downloads)
steinlurks (1,049 downloads)
sinnercore (3,300 downloads)View the full article
The official site for RVTools has been hacked to serve a compromised installer for the popular VMware environment reporting utility.
"Robware.net and RVTools.com are currently offline. We are working expeditiously to restore service and appreciate your patience," the company said in a statement posted on its website.
"Robware.net and RVTools.com are the only authorized and supported websites forView the full article
Several ransomware actors are using a malware called Skitnet as part of their post-exploitation efforts to steal sensitive data and establish remote control over compromised hosts.
"Skitnet has been sold on underground forums like RAMP since April 2024," Swiss cybersecurity company PRODAFT told The Hacker News. "However, since early 2025, we have observed multiple ransomware operators using itView the full article
Continuous Threat Exposure Management (CTEM) has moved from concept to cornerstone, solidifying its role as a strategic enabler for CISOs. No longer a theoretical framework, CTEM now anchors today’s cybersecurity programs by continuously aligning security efforts with real-world risk.
At the heart of CTEM is the integration of Adversarial Exposure Validation (AEV), an advanced, offensiveView the full article
Mozilla has released security updates to address two critical security flaws in its Firefox browser that could be potentially exploited to access sensitive data or achieve code execution.
The vulnerabilities, both of which were exploited as a zero-day at Pwn2Own Berlin, are listed below -
CVE-2025-4918 - An out-of-bounds access vulnerability when resolving Promise objects that could allow anView the full article
Cybersecurity leaders aren’t just dealing with attacks—they’re also protecting trust, keeping systems running, and maintaining their organization’s reputation. This week’s developments highlight a ******* issue: as we rely more on digital tools, hidden weaknesses can quietly grow.
Just fixing problems isn’t enough anymore—resilience needs to be built into everything from the ground up.View the full article
For verified travel tips and real support, visit: [Hidden Content]
Privacy Notice: We utilize cookies to optimize your browsing experience and analyze website traffic. By consenting, you acknowledge and agree to our Cookie Policy, ensuring your privacy preferences are respected.
