Securing CI/CD workflows with Wazuh
Continuous Integration and Continuous Delivery/Deployment (CI/CD) refers to practices that automate how code is developed and released to…
How to Detect Phishing Attacks Faster: Tycoon2FA Example
It takes just one email to compromise an entire system. A single well-crafted message can bypass filters, trick…
Hazy Hawk Exploits DNS Records to Hijack CDC, Corporate Domains for Malware Delivery
A threat actor known as Hazy Hawk has been observed hijacking abandoned cloud resources of high-profile organizations, including…
100+ Fake Chrome Extensions Found Hijacking Sessions, Stealing Credentials, Injecting Ads
An unknown threat actor has been attributed to creating several malicious Chrome Browser extensions since February 2024 that…
AWS Default IAM Roles Found to Enable Lateral Movement and Cross-Service Exploitation
Cybersecurity researchers have discovered risky default identity and access management (IAM) roles impacting Amazon Web Services that could…
The Crowded Battle: Key Insights from the 2025 State of Pentesting Report
In the newly released 2025 State of Pentesting Report, Pentera surveyed 500 CISOs from global enterprises (200 from…
South Asian Ministries Hit by SideWinder APT Using Old Office Flaws and Custom Malware
High-level government institutions in Sri Lanka, Bangladesh, and Pakistan have emerged as the target of a new campaign…
RVTools Official Site Hacked to Deliver Bumblebee Malware via Trojanized Installer
The official site for RVTools has been hacked to serve a compromised installer for the popular VMware environment…
Ransomware Gangs Use Skitnet Malware for Stealthy Data Theft and Remote Access
Several ransomware actors are using a malware called Skitnet as part of their post-exploitation efforts to steal sensitive…
Why CTEM is the Winning Bet for CISOs in 2025
Continuous Threat Exposure Management (CTEM) has moved from concept to cornerstone, solidifying its role as a strategic enabler…