My Courses
-
Microsoft 365’s Direct Send feature has been exploited to circumvent email security measures.
Cybersecurity researchers have identified a sophisticated spear phishing campaign that exploits Microsoft 365’s Direct Send feature to bypass traditional email security measures and execute hyper-personalised…
-
The ScarCruft hacker group has initiated a new malware campaign that utilizes Rust programming language and the PubNub service.
The North Korean state-sponsored Advanced Persistent Threat (APT) group ScarCruft has initiated a sophisticated malware campaign aimed at South Korean users, utilising a deceptive postal-code…
-
Recent “Ghost Calls” attacks exploit web conferencing tools for secret command and control operations.
A sophisticated new attack technique known as “Ghost Calls” exploits web conferencing platforms to establish covert command and control (C2) channels. Presented by Adam Crosser…
-
A total of 6,500 Axis servers are found to have the Remoting Protocol open, with 4,000 of them located in the United States susceptible to potential exploits.
Cybersecurity researchers have identified multiple security vulnerabilities in video surveillance products from Axis Communications that could potentially lead to takeover attacks. These flaws allow for…
-
Malicious Go and npm packages are spreading cross-platform malware that can initiate remote data erasure.
Cybersecurity researchers have identified a set of 11 malicious Go packages designed to download and execute additional payloads on both Windows and Linux systems. At…
-
IRGC-affiliated hacking groups are launching attacks on specific financial institutions, government entities, and media organizations.
During the 12-day conflict between Israel and Iran in June 2025, a sophisticated network of Iranian-linked cyber threat actors launched coordinated digital operations against critical…
-
Advanced DevilsTongue Windows spyware monitors users around the world.
The emergence of DevilsTongue signifies a notable advancement in mercenary spyware capabilities, employing sophisticated Windows-based techniques to infiltrate high-value targets globally. First detected in campaigns…
-
Weaknesses in Rockwell Arena Simulation allow attackers to run harmful code from a distance.
Rockwell Automation has disclosed three critical memory corruption vulnerabilities in its Arena® Simulation software, which could enable threat actors to execute arbitrary code remotely on…
-
CAPTCHAgeddon – A New ClickFix Attack Uses Phony CAPTCHA to Distribute Malware
A sophisticated new malware campaign, known as “ClickFix,” has emerged, weaponising fake CAPTCHA verification pages to deceive users into executing malicious PowerShell commands. This campaign…
-
Vulnerabilities in CyberArk Conjur have led to the exposure of sensitive enterprise information.
CyberArk has addressed multiple vulnerabilities within its Conjur platform that posed significant risks, allowing for unauthenticated remote code execution. These vulnerabilities could potentially be exploited…
