My Courses
-
IRGC-affiliated hacking groups are launching attacks on specific financial institutions, government entities, and media organizations.
During the 12-day conflict between Israel and Iran in June 2025, a sophisticated network of Iranian-linked cyber threat actors launched coordinated digital operations against critical…
-
Advanced DevilsTongue Windows spyware monitors users around the world.
The emergence of DevilsTongue signifies a notable advancement in mercenary spyware capabilities, employing sophisticated Windows-based techniques to infiltrate high-value targets globally. First detected in campaigns…
-
Weaknesses in Rockwell Arena Simulation allow attackers to run harmful code from a distance.
Rockwell Automation has disclosed three critical memory corruption vulnerabilities in its Arena® Simulation software, which could enable threat actors to execute arbitrary code remotely on…
-
CAPTCHAgeddon – A New ClickFix Attack Uses Phony CAPTCHA to Distribute Malware
A sophisticated new malware campaign, known as “ClickFix,” has emerged, weaponising fake CAPTCHA verification pages to deceive users into executing malicious PowerShell commands. This campaign…
-
Vulnerabilities in CyberArk Conjur have led to the exposure of sensitive enterprise information.
CyberArk has addressed multiple vulnerabilities within its Conjur platform that posed significant risks, allowing for unauthenticated remote code execution. These vulnerabilities could potentially be exploited…
-
SpyCloud Improves Its Investigations Solution by Incorporating AI-Driven Insights – Transforming the Analysis of Insider Threats and Cybercrime.
SpyCloud, a leader in identity threat protection, announced a significant enhancement to its SaaS Investigations solution on August 6th, 2025. The integration of advanced AI-powered…
-
Cybercriminals Employ Social Engineering Tactics to Secure Remote Access in 300 Seconds.
Threat actors successfully compromised corporate systems within just five minutes by employing a combination of social engineering tactics and rapid PowerShell execution. Investigated by NCC…
-
A newly discovered vulnerability in Microsoft Exchange Server allows attackers to acquire administrative privileges.
A critical security vulnerability in Microsoft Exchange Server hybrid deployments has been disclosed, allowing attackers with on-premises administrative access to escalate privileges to cloud environments…
-
Leading enterprise AI assistants are susceptible to misuse, which could lead to data theft and manipulation.
Zenity has revealed significant vulnerabilities in major AI assistants, including ChatGPT, Copilot, Cursor, Gemini, and Salesforce Einstein. These AI tools can be manipulated through specially…
-
Scientists have discovered a vulnerability in ECScape related to Amazon ECS that allows for the theft of credentials across different tasks.
Cybersecurity researchers have unveiled an alarming “end-to-end privilege escalation chain” within Amazon Elastic Container Service (ECS), which could be exploited by attackers to facilitate lateral…