Latest Intelligence
Why Your Security Culture is Critical to Mitigating Cyber Risk
Organizations have realized that relying solely on advanced security tools and technologies is insufficient to mitigate cyber risk. As attackers evolve their strategies, focusing less on infrastructure vulnerabilities and more on other aspects, a strong security culture becomes essential. Read Original »
New Exploit Poses Threat to SAP NetWeaver Instances
A new public exploit has been discovered that combines two critical vulnerabilities in SAP NetWeaver, leading to potential code execution attacks on unpatched instances. This poses a significant security risk for organizations using this software. Read Original »
GodRAT – New RAT targeting financial institutions
Kaspersky experts have identified GodRAT, a new remote access tool (RAT) based on Gh0st RAT, which is targeting financial institutions. This tool is believed to be a successor of the AwesomePuppet RAT, associated with the Winnti group. Read Original »
1.1 Million Unique Records Identified in Allianz Life Data Leak
A recent data leak involving Allianz Life has resulted in the exposure of 1.1 million unique records. The breach was analyzed by Have I Been Pwned, highlighting the severity of the incident. Read Original »
New Research Links VPN Apps, Highlights Security Deficiencies
Citizen Lab has uncovered connections between various VPN providers and identified multiple security vulnerabilities in their mobile applications. This research highlights significant security deficiencies that could impact user privacy and data protection. Read Original »
PyPI Blocks 1,800 Expired-Domain Emails to Prevent Account Takeovers and Supply Chain Attacks
The Python Package Index (PyPI) has implemented measures to check for expired domains in order to enhance account security and prevent supply chain attacks. This initiative aims to make it more difficult for attackers to exploit expired domain names for unauthorized access. Read Original »
Hijacked Satellites and Orbiting Space Weapons: In the 21st Century, Space Is the New Battlefield
The article discusses the emerging threats in space, highlighting the risks of hacked satellites and the potential for nuclear weapons in orbit. It emphasizes the changing landscape of warfare and national security as space becomes a new battlefield. Read Original »
Noodlophile Stealer Hides Behind Bogus Copyright Complaints
Noodlophile is conducting spear-phishing attacks by using fake copyright claims to lure enterprises. This tactic exploits the urgency and concern surrounding copyright issues to deceive targets. Read Original »
Noodlophile Malware Campaign Expands Global Reach with Copyright Phishing Lures
The Noodlophile malware campaign has expanded its reach by using advanced spear-phishing tactics to target enterprises across multiple regions, including the U.S., Europe, Baltic countries, and the Asia-Pacific. The campaign has been active for over a year and now employs emails that pose as copyright infringement notifications to deliver the malware. Read Original »
Microsoft Windows Vulnerability Exploited to Deploy PipeMagic RansomExx Malware
Cybersecurity researchers have revealed that threat actors exploited a patched security flaw in Microsoft Windows to deploy the PipeMagic malware in RansomExx ransomware attacks. The vulnerability, identified as CVE-2025-29824, relates to privilege escalation in the Windows Common Log File System and was addressed by Microsoft in April 2025. Read Original »
Novel 5G Attack Bypasses Need for Malicious Base Station
Researchers have identified a new 5G attack called Sni5Gect, which enables attackers to intercept traffic and create disruptions without the need for a malicious base station. This vulnerability poses significant risks to the security of 5G networks. Read Original »
How Evolving RATs Are Redefining Enterprise Security Threats
The article discusses how evolving Remote Access Trojans (RATs) are reshaping the landscape of enterprise security threats. It emphasizes the importance of adopting a more unified and behavior-aware detection approach to enhance security outcomes. Read Original »
Workday Breach Likely Linked to ShinyHunters Salesforce Attacks
Workday reported a cyberattack linked to ShinyHunters that targeted its third-party CRM system. Although the hackers employed social engineering tactics, they did not access customer information, only exposing commonly available business contact information. Read Original »
Internet-wide Vulnerability Enables Giant DDoS Attacks
The article highlights a significant DDoS vulnerability that has emerged on the internet, impacting a large number of websites since 2023. This vulnerability poses a serious risk to online services and their availability. Read Original »
⚡ Weekly Recap: NFC Fraud, Curly COMrades, N-able Exploits, Docker Backdoors & More
The article emphasizes that cybersecurity failures often occur gradually due to overlooked details rather than sudden breaches. It highlights the importance of prompt action and clarity in maintaining security to prevent issues from escalating. Read Original »