Cybersecurity News
-
Hackers Breach Active Directory, Steal NTDS.dit for Full Domain Compromise
Threat actors recently infiltrated a corporate environment, dumped the AD database file NTDS.dit, and nearly achieved full domain control. AD acts as the backbone of Windows domains, storing account data,…
Read More » -
Researchers Map Links Between Major Hacker Groups: LAPSUS$, Scattered Spider, ShinyHunters
A loosely connected cybercrime supergroup is exploiting social engineering to compromise Fortune 100 organizations and government agencies. LAPSUS$, Scattered Spider, and ShinyHunters—three of the most notorious English-speaking cybercrime groups—have increasingly…
Read More » -
Apache Airflow Vulnerability Lets Read-Only Users Access Sensitive Data
Apache Airflow maintainers have disclosed a serious security issue, tracked as CVE-2025-54831, that allows users holding only read permissions to view sensitive connection details via both the Airflow API and…
Read More » -
Malicious MCP Server Discovered Stealing Sensitive Emails Using AI Agents
Enterprises everywhere are embracing MCP servers—tools that grant AI assistants “god-mode” permissions to send emails, run database queries, and automate tedious tasks. But no one ever stopped to ask: Who…
Read More » -
New XCSSET Malware Variant Targets macOS App Developers
Cybersecurity researchers have discovered an advanced variant of the XCSSET malware specifically targeting macOS developers through infected Xcode projects, introducing sophisticated clipboard hijacking and enhanced data exfiltration capabilities. Microsoft Threat…
Read More » -
Living Security Unveils HRMCon 2025 Speakers as Report Finds Firms Detect Just 19% of Human Risk
Living Security, a global leader in Human Risk Management (HRM), today announced the full speaker lineup for the Human Risk Management Conference (HRMCon 2025), taking place October 20, 2025, at…
Read More » -
BRICKSTORM Backdoor Hits Tech and Legal Firms with Stealthy New Campaign
Persistent, stealthy, and cross-platform, the BRICKSTORM backdoor has emerged as a significant threat to U.S. technology and legal organizations. Tracked by Google Threat Intelligence Group (GTIG) and investigated by Mandiant…
Read More » -
UK Police Arrest Suspect Tied to Ransomware Attack on European Airports
A person in his forties has been arrested in connection with a cyber-attack that caused days of disruption at several major European airports, including London Heathrow. The National Crime Agency…
Read More » -
Attackers Bypass EDR by Using In-Memory PE Loaders Delivered via Malicious Downloads
Security researchers have discovered a wave of attacks that use in-memory PE loaders to slip past endpoint detection and response (EDR) systems. In these incidents, threat actors deliver a small downloader to…
Read More » -
Defy Security Appoints Esteemed Cybersecurity Leader Gary Warzala to Its Board of Directors
Defy Security, a leading provider of cybersecurity solutions and services, today announced the appointment of Gary Warzala to its Board of Directors. Warzala is a highly regarded cybersecurity executive with…
Read More » -
Threat Actors Breach Enterprise Infrastructure Within 18 Minutes of Initial Access
Attackers are accelerating their foothold in corporate networks: over the past three months (June 1 to August 31, 2025), the average time from initial breach to lateral movement—called “breakout time”—fell…
Read More » -
Top 10 Best Cybersecurity Compliance Management Software in 2025
Best Cybersecurity Compliance Management Software Cybersecurity compliance has become a mission-critical part of modern business operations. With the rise of data privacy laws, global regulations, and increasing cyber threats, organizations…
Read More » -
BlockBlasters Steam Game Disguises Malware as Patch for Computer Download
BlockBlasters, a vibrant 2D platformer/shooter from Genesis Interactive, launched on July 31, 2025 to wide acclaim. However, on August 30, 2025, the developers released Build 19799326, ostensibly a routine patch.…
Read More » -
Threat Actors Market Stealthy New RAT as Alternative to ScreenConnect FUD
Cybersecurity researchers have identified a concerning development in the underground cybercrime marketplace: a sophisticated Remote Access Trojan (RAT) being marketed as a fully undetectable (FUD) alternative to the legitimate ScreenConnect…
Read More » -
Nokia CBIS/NCS Manager API Vulnerability Allows Attackers to Bypass Authentication
On September 18, 2025, Orange Cert publicly disclosed a critical authentication bypass vulnerability affecting Nokia’s CBIS (CloudBand Infrastructure Software) and NCS (Nokia Container Service) Manager API (CVE-2023-49564). With a CVSS…
Read More »