Cybersecurity News
-
10 Best EDR Companies (Endpoint Detection And Response) in 2025
In 2025, the endpoint remains the primary battleground for cyber attackers, making the implementation of EDR solutions a critical necessity for robust cybersecurity defenses. Laptops, desktops, servers, mobile devices, and…
Read More » -
10 Best Endpoint Protection Solutions for MSP/MSSPs in 2025
Managed Service Providers (MSPs) and Managed Security Service Providers (MSSPs) are the guardians of cybersecurity for a vast and diverse clientele. In 2025, their role is more critical than ever…
Read More » -
BQTLOCK Ransomware-as-a-Service Emerges, Boasting Sophisticated Evasion Tactics
Ransomware-as-a-Service (RaaS) models continue to democratize sophisticated attacks in the ever-changing world of cybercrime by allowing affiliates with little technical know-how to distribute ransomware through profit-sharing or subscription models. A…
Read More » -
Lumma Operators Deploy Cutting-Edge Evasion Tools to Maintain Stealth and Persistence
Lumma infostealer affiliates’ complex operating framework was revealed by Insikt Group in a ground-breaking report published on August 22, 2025, underscoring their reliance on cutting-edge evasion technologies to support cybercrime…
Read More » -
10 Best Network Monitoring Tools in 2025
The digital landscape in 2025 is more complex than ever, with organizations relying on intricate hybrid, cloud, and on-premises networks to power their operations. Network monitoring tools have become indispensable…
Read More » -
Help TDS Hacks Legitimate Websites, Using PHP Templates to Display Fake Microsoft Security Alerts
GoDaddy Security researchers have unveiled a detailed analysis of Help TDS, a sophisticated Traffic Direction System operational since at least 2017, which exploits compromised websites to funnel traffic toward malicious…
Read More » -
Hackers Hijack VPS Servers to Breach Software-as-a-Service Accounts
Virtual Private Servers (VPS) have long served as versatile tools for developers and businesses, offering dedicated resources on shared physical hardware with enhanced control and scalability. However, threat actors are…
Read More » -
Agentic AI vs SOAR: What’s the Real Difference?a
By now, you’ve heard the hype. Agentic AI; self-directed and goal-oriented. Supposedly, the next big thing in security automation. If you’re working in a Security Operations Center (SOC), it might sound…
Read More » -
Threat Actors Exploiting Victims’ Machines for Bandwidth Monetization
Cybersecurity researchers have uncovered an ongoing campaign where threat actors exploit the critical CVE-2024-36401 vulnerability in GeoServer, a geospatial database, to remotely execute code and monetize victims’ bandwidth. This remote…
Read More » -
AI Website Generators Repurposed by Adversaries for Malware Campaigns
Adversaries are using AI-powered website builders to expedite the development of harmful infrastructure in a quickly changing threat landscape, hence reducing the entry barriers for malware distribution and credential phishing.…
Read More » -
RingReaper Malware Targets Linux Servers, Stealthily Evading EDR Solutions
A new malware campaign dubbed RingReaper has emerged, targeting servers with advanced post-exploitation capabilities that exploit the kernel’s io_uring asynchronous I/O interface to bypass Endpoint Detection and Response (EDR) systems.…
Read More » -
A New Malware Loader Spreading Infostealers and Remote Access Trojans (RATs)
IBM X-Force has tracked QuirkyLoader, a sophisticated loader malware deployed by threat actors to distribute prominent families such as Agent Tesla, AsyncRAT, FormBook, MassLogger, Remcos, Rhadamanthys, and Snake Keylogger. This…
Read More » -
Lenovo AI Chatbot Flaw Allows Remote Script Execution on Corporate Systems
Cybersecurity researchers have uncovered critical vulnerabilities in Lenovo’s AI-powered customer support chatbot that could allow attackers to execute malicious scripts on corporate systems and steal sensitive session data. The discovery…
Read More » -
47,000 Individuals Affected by Data Breach, Reveals NY Business Council
The Business Council of New York State, Inc., a prominent commercial organization based in Albany, has disclosed a data breach impacting approximately 47,329 individuals. The breach, characterized as an external…
Read More » -
New Research Reveals Security Vulnerabilities Linked to Popular VPN Apps
Researchers have uncovered deceptive practices among major VPN providers, linking seemingly independent entities into three distinct “families” with combined Google Play Store downloads exceeding 700 million. By analyzing business filings,…
Read More » -
Microsoft Defender AI Can Detect Plaintext Credentials in Active Directory
Microsoft has unveiled a new AI-powered security capability that addresses one of cybersecurity’s most persistent vulnerabilities: plaintext credentials stored in Active Directory systems. The enhanced Microsoft Defender feature uses sophisticated…
Read More » -
Threat Actors Use Pirated Games to Bypass Microsoft Defender SmartScreen and Adblockers
Cybersecurity researchers have uncovered a sophisticated campaign where threat actors leverage pirated game downloads to distribute HijackLoader, a modular malware loader, effectively bypassing common defenses like adblockers and Microsoft Defender…
Read More » -
Threat Actors Exploit Microsoft Help Index File to Deploy PipeMagic Malware
Cybersecurity researchers have uncovered a sophisticated campaign where threat actors leverage a Microsoft Help Index File (.mshi) to deploy the PipeMagic backdoor, marking a notable evolution in malware delivery methods.…
Read More »