Latest Intelligence
Report Links Chinese Companies to Tools Used by State-Sponsored Hackers
The article discusses a report by SentinelLabs that reveals connections between Chinese state-sponsored hackers and companies that develop intrusion tools. This linkage highlights concerns about the collaboration between private enterprises and state-sponsored cyber activities.
UNC2891 Breaches ATM Network via 4G Raspberry Pi, Tries CAKETAP Rootkit for Fraud
UNC2891, a financially motivated threat actor, has been observed executing a cyber-physical attack on ATM infrastructure using a Raspberry Pi equipped with 4G. The attacker gained physical access to the ATM network, allowing them to potentially exploit vulnerabilities for fraudulent activities.
Alert Fatigue, Data Overload, and the Fall of Traditional SIEMs
Security Operations Centers (SOCs) are facing significant challenges due to increasing log volumes, complex threat landscapes, and understaffed teams. Analysts are overwhelmed by alert noise and fragmented tools, leading to a decline in traditional SIEM effectiveness as vendors shift towards SaaS solutions.
Honeywell Experion PKS Flaws Allow Manipulation of Industrial Processes
Honeywell has addressed several critical and high-severity vulnerabilities in its Experion PKS product, which is used for industrial process control and automation. These flaws could potentially allow for manipulation of industrial processes, raising significant security concerns.
Google Project Zero Tackles Upstream Patch Gap With New Policy
Google Project Zero has introduced a new policy under which it publicly discloses that a vulnerability has been discovered, along with when its 90-day disclosure deadline expires. This initiative aims to address the gap in upstream patching for vulnerabilities.
Hackers Exploit Critical WordPress Theme Flaw to Hijack Sites via Remote Plugin Install
Threat actors are exploiting a critical vulnerability in the 'Alone – Charity Multipurpose Non-profit WordPress Theme' that allows them to take over affected sites. This security flaw, tracked as CVE-2025-5394, has a high severity score of 9.8 and involves arbitrary file uploads.
Koreans Hacked, Blackmailed by 250+ Fake Mobile Apps
The article discusses the emergence of over 250 fake mobile applications in Korea that are designed to hide spyware. These malicious apps have led to disturbing cases of extortion against users, highlighting significant cybersecurity concerns.
Tonic Security Harnesses AI to Combat Remediation Challenges
Tonic Security aims to address the increasing speed at which attackers exploit vulnerabilities by implementing AI-driven solutions to prevent threats before they result in security breaches. The startup focuses on overcoming the challenges associated with remediation in cybersecurity.
Palo Alto Networks Grabs IAM Provider CyberArk for $25B
Palo Alto Networks has acquired identity and access management provider CyberArk for $25 billion, significantly impacting the cybersecurity landscape. This acquisition enhances Palo Alto Networks' capabilities and market presence in the cybersecurity sector.
Inside the FBI's Strategy for Prosecuting Ransomware
The article discusses the US government's aggressive approach to prosecuting cybercriminals involved in ransomware, even targeting those at mid-level. It raises questions about the fairness and effectiveness of this strategy in combating cybercrime.
Silk Typhoon Linked to Powerful Offensive Tools, PRC-Backed Companies
The article discusses an unsealed indictment related to a Chinese threat group, revealing that its members were affiliated with companies closely connected to the People's Republic of China (PRC). This indicates a broader ecosystem of contractors involved in potentially harmful cyber activities.
Senate Committee Advances Trump Nominee to Lead CISA
The Senate Committee has voted to recommend Sean Plankey as the director of the Cybersecurity and Infrastructure Security Agency (CISA). This nomination is part of the ongoing efforts to strengthen cybersecurity leadership under the Trump administration.
Hackers Use Facebook Ads to Spread JSCEAL Malware via Fake Cryptocurrency Trading Apps
Cybersecurity researchers have identified a campaign that spreads JSCEAL malware through fake cryptocurrency trading apps. The malware captures data from users' credentials and wallets, and is delivered via malicious Facebook ads that lead to counterfeit sites.
FunkSec Ransomware Decryptor Released Free to Public After Group Goes Dormant
Cybersecurity experts have made a decryptor available for the FunkSec ransomware, enabling victims to recover their files at no cost. The ransomware is now considered inactive, prompting the release of the decryptor for public use.
BlinkOps Raises $50 Million for Agentic Security Automation Platform
BlinkOps has successfully raised $50 million in a Series B funding round, increasing its total funding to $90 million for its micro-agents builder. This investment aims to enhance their Agentic Security Automation Platform.