Pro-Iranian Hacktivist Group Leaks Personal Records from the 2024 Saudi Games
Thousands of personal records allegedly linked to athletes and visitors of the Saudi Games have been published online…
Beware the Hidden Risk in Your Entra Environment
If you invite guest users into your Entra ID tenant, you may be opening yourself up to a…
SonicWall NetExtender Trojan and ConnectWise Exploits Used in Remote Access Attacks
Unknown threat actors have been distributing a trojanized version of SonicWall’s SSL VPN NetExtender application to steal credentials…
North Korea-linked Supply Chain Attack Targets Developers with 35 Malicious npm Packages
Cybersecurity researchers have uncovered a fresh batch of malicious npm packages linked to the ongoing Contagious Interview operation…
Between Buzz and Reality: The CTEM Conversation We All Need
I had the honor of hosting the first episode of the Xposure Podcast live from Xposure Summit 2025.…
Hackers Exploit Misconfigured Docker APIs to Mine Cryptocurrency via Tor Network
Misconfigured Docker instances are the target of a campaign that employs the Tor anonymity network to stealthily mine…
U.S. House Bans WhatsApp on Official Devices Over Security and Data Protection Issues
The U.S. House of Representatives has formally banned congressional staff members from using WhatsApp on government-issued devices, citing…
APT28 Uses Signal Chat to Deploy BEARDSHELL Malware and COVENANT in Ukraine
The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new cyber attack campaign by the…
China-linked Salt Typhoon Exploits Critical Cisco Vulnerability to Target Canadian Telecom
The Canadian Centre for Cyber Security and the U.S. Federal Bureau of Investigation (FBI) have issued an advisory…
XDigo Malware Exploits Windows LNK Flaw in Eastern European Government Attacks
Cybersecurity researchers have uncovered a Go-based malware called XDigo that has been used in attacks targeting Eastern European…