New Coyote Malware Variant Exploits Windows UI Automation to Steal Banking Credentials
The Windows banking trojan known as Coyote has become the first known malware strain to exploit the Windows…
Kerberoasting Detections: A New Approach to a Decade-Old Challenge
Security experts have been talking about Kerberoasting for over a decade, yet this attack continues to evade typical…
Google Launches OSS Rebuild to Expose Malicious Code in Widely Used Open-Source Packages
Google has announced the launch of a new initiative called OSS Rebuild to bolster the security of the…
CISA Orders Urgent Patching After Chinese Hackers Exploit SharePoint Flaws in Live Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA), on July 22, 2025, added two Microsoft SharePoint flaws, CVE-2025-49704…
CISA Warns: SysAid Flaws Under Active Attack Enable Remote File Access and SSRF
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added two security flaws impacting SysAid IT support software to…
Cisco Confirms Active Exploits Targeting ISE Flaws Enabling Unauthenticated Root Access
Cisco on Monday updated its advisory of a set of recently disclosed security flaws in Identity Services Engine…
Credential Theft and Remote Access Surge as AllaKore, PureRAT, and Hijack Loader Proliferate
Mexican organizations are still being targeted by threat actors to deliver a modified version of AllaKore RAT and…
How to Advance from SOC Manager to CISO?
Making the move from managing a security operations center (SOC) to being a chief information security officer (CISO)…
Hackers Exploit SharePoint Zero-Day Since July 7 to Steal Keys, Maintain Persistent Access
The recently disclosed critical Microsoft SharePoint vulnerability has been under exploitation as early as July 7, 2025, according…
Iran-Linked DCHSpy Android Malware Masquerades as VPN Apps to Spy on Dissidents
Cybersecurity researchers have unearthed new Android spyware artifacts that are likely affiliated with the Iranian Ministry of Intelligence…