Collaborate Disseminate
Microsoft and Cloudflare have disrupted a Phishing-as-a-Service operation selling the RaccoonO365 kit for stealing Microsoft 365 account credentials. “Using a court order granted by the Southern District of New York, [we] seized 338 websites asso… Continue reading Microsoft disrupts the RaccoonO365 Phishing-as-a-Service operation, names alleged leader
A potentially monumental supply chain attack is underway, thanks to a self-replicating worm-like payload that has been compromising packages published on the npm Registry. The worm has been dubbed “Shai-hulud” as it steals credentials from … Continue reading Self-replicating worm hits 180+ npm packages in (largely) automated supply chain attack
All target organizations are different, but ransomware attackers are highly adaptive and appreciate – and will exploit – any mistake you make. The latest Akira ransomware attacks Managed security service providers and external incident resp… Continue reading Ransomware attackers used incorrectly stored recovery codes to disable EDR agents
Developers publishing crates (binaries and libraries written in Rust) on crates.io, Rust’s main public package registry, have been targeted with emails echoing the recent npm phishing campaign. The phishing email The emails started hitting developers&#… Continue reading Phishing campaign targets Rust developers
The US Cybersecurity and Infrastructure Security Agency (CISA) has affirmed its continuing support for the Common Vulnerabilities and Exposures (CVE) program. “If we want to outpace and outmaneuver our adversaries, we must first ensure that defen… Continue reading CISA looks to partners to shore up the future of the CVE Program
Over a year after SonicWall patched CVE-2024-40766, a critical flaw in its next-gen firewalls, ransomware attackers are still gaining a foothold in organizations by exploiting it. Like last September and earlier this year, the attackers are affiliates … Continue reading Akira ransomware affiliates continue breaching organizations via SonicWall firewalls
An out-of-the-box setting in Cursor, a popular AI source-code editor, could be leveraged by attackers to covertly run malicious code on users’ computers, researchers have warned. An exploitable vulnerability in the Cursor AI editor Cursor is an A… Continue reading Default Cursor setting can be exploited to run malicious code on developers’ machines
On September 2025 Patch Tuesday, Microsoft has released patches for 80+ vulnerabilities in its various software products, but the good news is that none of them are actively exploited. Among the critical and important vulnerabilities patched by Microso… Continue reading Microsoft, Adobe, SAP deliver critical fixes for September 2025 Patch Tuesday
Most organizations run an annual network penetration test, remediate the issues it uncovers, and move on. But attackers are probing networks every day, using publicly available tools to exploit common misconfigurations and overlooked vulnerabilities. A… Continue reading Automated network pentesting uncovers what traditional tests missed
Media streaming company Plex has suffered a data breach and is urging users to reset their account password and enable two-factor authentication. “An unauthorized third party accessed a limited subset of customer data from one of our databases. W… Continue reading Plex tells users to change passwords due to data breach, pushes server owners to upgrade