Latest Intelligence
AI-Generated Malicious npm Package Drains Solana Funds from 1,500+ Before Takedown
Researchers have identified a malicious npm package, @kodane/patch-manager, which was generated using AI and designed to drain cryptocurrency funds. This package was uploaded to npm and affected over 1,500 users before being taken down.
SIEMs: Dying a Slow Death or Poised for AI Rebirth?
The SIEM market is facing significant changes due to the emergence of XDR platforms and generative AI, which are transforming the landscape of security analytics. This shift raises questions about the future viability of traditional SIEM solutions.
You Are What You Eat: Why Your AI Security Tools Are Only as Strong as the Data You Feed Them
The article emphasizes that the effectiveness of AI in cybersecurity is heavily reliant on the quality of data used to train these systems, rather than just the advanced tools themselves. It draws an analogy to triathletes who must prioritize proper nutrition over merely investing in high-end equipment.
Cyber Risk Management Firm Safe Raises $70 Million
Safe has successfully raised $70 million in Series C funding, which will be utilized to enhance cyber risk management through the development of specialized AI agents. This funding marks a significant step in advancing cybersecurity measures in the industry.
Echo Raises $15M in Seed Funding for Vulnerability-Free Container Images
Echo has secured $15 million in seed funding to develop container images that are free from any known vulnerabilities (CVEs). This initiative aims to enhance the security of enterprise-grade software infrastructure by providing a safer alternative for containerized applications.
Storm-2603 Deploys DNS-Controlled Backdoor in Warlock and LockBit Ransomware Attacks
The article discusses a threat actor exploiting recent security flaws in Microsoft SharePoint Server using a custom command-and-control framework known as AK47 C2. This framework features both HTTP-based and DNS-based clients, indicating a sophisticated approach to cyber attacks.
Bill Aims to Create National Strategy for Quantum Cybersecurity Migration
Two US senators have introduced a bipartisan bill aimed at preparing federal government agencies for the threats posed by quantum computing. The legislation seeks to establish a national strategy for migrating cybersecurity measures to counteract these emerging risks.
$1 Million Offered for WhatsApp Exploit at Pwn2Own Ireland 2025
Meta is sponsoring the Pwn2Own hacking competition, offering a significant prize of $1 million for successful exploits targeting WhatsApp. The event focuses on vulnerabilities in smartphones, WhatsApp, and wearable devices, encouraging security researchers to identify and report these issues.
Gen Z Falls for Scams 2x More Than Older Generations
The article highlights that Generation Z is more susceptible to online scams than older generations, challenging the stereotype that older individuals are the most gullible. This trend poses significant risks for employers as they may face the consequences of these scams.
DragonForce Ransom Cartel Profits Off Rivals' Demise
The collapse of RansomHub has resulted in significant consolidation within the ransomware ecosystem, benefiting groups like DragonForce and Qilin. This shift highlights the competitive dynamics in the cybercrime landscape following the demise of a major player.
SafePay Claims Ingram Micro Breach, Sets Ransom Deadline
The ransomware gang has claimed responsibility for a breach involving Ingram Micro, asserting that they have stolen 3.5TB of data. They have demanded a ransom from the technology distributor to prevent a public data breach.
Secret Blizzard Deploys Malware in ISP-Level AitM Attacks on Moscow Embassies
Secret Blizzard, a Russian nation-state threat actor, is conducting a cyber espionage campaign against foreign embassies in Moscow using ISP-level adversary-in-the-middle attacks. They are deploying a custom malware called ApolloShadow, which can install a trusted root certificate.
3 Things CFOs Need to Know About Mitigating Threats
The article emphasizes the importance of CFOs and CISOs in framing cybersecurity as a vital business investment. It highlights the need to communicate the substantial return on investment that strong security measures can provide.
Russia's Secret Blizzard APT Gains Embassy Access via ISPs
The article discusses an ongoing campaign by a Moscow-sponsored cyber threat actor that has expanded its operations by deploying the ApolloShadow custom backdoor malware. This malware is being facilitated through lawful intercept systems, allowing the attacker to gain access to embassy networks.
Experts Detect Multi-Layer Redirect Tactic Used to Steal Microsoft 365 Login Credentials
Cybersecurity researchers have revealed a phishing campaign that utilizes link wrapping services from Proofpoint and Intermedia to obscure malicious payloads and evade detection. This tactic aims to steal Microsoft 365 login credentials by exploiting the protective measures intended to block harmful links.