My Courses
-
Apple releases fix for CVE-2025-43300 zero-day vulnerability
Apple has released critical security updates to address a zero-day vulnerability impacting iOS, iPadOS, and macOS, which has reportedly been exploited in the wild. The…
-
AI boosts ransomware impacts
Ransomware continues to pose a significant threat to large and medium-sized businesses, with numerous ransomware gangs leveraging artificial intelligence for automation, according to Acronis. From…
-
Chinese hacker groups Murky, Genesis, and Glacial Panda targeting cloud computing and telecommunications
Cybersecurity researchers have raised alarms about the malicious activities of a China-nexus cyber espionage group known as Murky Panda, which exploits trusted relationships in the…
-
Linux RAR malware bypasses antivirus software
Cybersecurity researchers have uncovered a sophisticated attack chain that utilises phishing emails to deliver an open-source backdoor known as VShell. This Linux-specific malware infection begins…
-
Automation is transforming how penetration testing services are provided.
Pentesting remains one of the most effective methods for identifying real-world security weaknesses before adversaries can exploit them. However, as the threat landscape has evolved,…
-
Increasing municipal infrastructure hacking risk
A small-town water system, a county hospital, and a local school district may not appear to be front-line targets in global conflict, yet they are…
-
OSINT helps financial institutions combat money laundering
Open Source Intelligence (OSINT) tools play a crucial role in helping financial firms combat money laundering by revealing complex networks and ownership structures. Money launderers…
-
Commvault pre-auth exploit chain allows remote code execution
Commvault has released critical updates to address four security vulnerabilities that could be exploited for remote code execution on affected instances. The vulnerabilities, identified in…
-
ClickFix & fake CAPTCHAs facilitate CORNFLAKE.V3 deployment
Threat actors have been observed employing a deceptive social engineering tactic known as ClickFix to deploy a versatile backdoor codenamed CORNFLAKE.V3. Google-owned Mandiant has described…
-
QuirkyLoader distributes Agent Tesla, AsyncRAT, Snake Keylogger and other malware
Cybersecurity researchers have revealed a new malware loader named QuirkyLoader, which has been actively delivering various next-stage payloads, including information stealers and remote access trojans,…