Latest Intelligence
Sophisticated Shuyal Stealer Targets 19 Browsers, Demonstrates Advanced Evasion
A new infostealing malware, known as Shuyal Stealer, has emerged that can extract credentials and system data from various browsers, including those that prioritize user privacy. This poses a significant threat to users relying on privacy-focused browsing options. Read Original »
How to Spot Malicious AI Agents Before They Strike
The emergence of agentic AI signifies the onset of a new era in cybersecurity where malicious AI agents pose a significant threat. To effectively counter these threats, collaboration between human and machine agents is essential. Read Original »
NASCAR Confirms Personal Information Stolen in Ransomware Attack
NASCAR has confirmed that a ransomware attack in April 2025 resulted in the theft of personal information, including names and Social Security numbers. This incident highlights ongoing cybersecurity threats faced by organizations. Read Original »
Root Evidence Launches With $12.5 Million in Seed Funding
Root Evidence has launched its operations with a focus on developing technology for vulnerability scanning and attack surface management. The company has secured $12.5 million in seed funding to support its initiatives. Read Original »
Scattered Spider Targeting VMware vSphere Environments
The financially motivated group known as Scattered Spider is shifting its focus from targeting Active Directory to exploiting VMware vSphere environments. They are deploying ransomware directly from the hypervisor, indicating a new tactic in their cyberattacks. Read Original »
⚡ Weekly Recap — SharePoint Breach, Spyware, IoT Hijacks, DPRK Fraud, Crypto Drains and More
The article highlights the subtle yet significant cybersecurity threats that can arise from seemingly legitimate sources such as signed software and trusted vendors. It emphasizes the importance of recognizing that the most dangerous attacks often appear to be trustworthy, complicating the security landscape. Read Original »
CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, indicating active exploitation of these issues. These vulnerabilities, primarily affecting Cisco Identity Services Engine and PaperCut NG/MF, pose significant risks to federal networks. Read Original »
Allianz Life Data Breach Impacts Most of 1.4 Million US Customers
Allianz Life has reported a data breach that has compromised the information of customers, financial professionals, and employees. The breach affects a significant portion of its 1.4 million US customers. Read Original »
Email Security Is Stuck in the Antivirus Era: Why It Needs a Modern Approach
The article highlights the inadequacy of traditional email security measures, which are outdated and fail to address modern threats. Despite advancements in securing endpoints, email remains a significant vulnerability due to reliance on outdated filtering technologies. Read Original »
BlackSuit Ransomware Group Transitioning to ‘Chaos’ Amid Leak Site Seizure
The BlackSuit ransomware group is reportedly transitioning to a new identity called Chaos following the seizure of its leak site by law enforcement. This rebranding suggests a shift in tactics or operations in response to increased pressure from authorities. Read Original »
Flaw Allowing Website Takeover Found in WordPress Plugin With 400k Installations
A critical vulnerability has been discovered in the Post SMTP email delivery WordPress plugin, which has 400,000 installations. Alarmingly, half of the websites using this plugin remain unpatched, leaving them at risk of takeover. Read Original »
Scattered Spider Hijacks VMware ESXi to Deploy Ransomware on Critical U.S. Infrastructure
The cybercrime group Scattered Spider is exploiting VMware ESXi hypervisors to launch ransomware attacks against critical sectors such as retail, airlines, and transportation in North America. Their method relies on social engineering tactics rather than software exploits, primarily involving phone calls to IT help desks. Read Original »
Critical Flaws in Niagara Framework Threaten Smart Buildings and Industrial Systems Worldwide
Cybersecurity researchers have identified multiple vulnerabilities in Tridium's Niagara Framework that could be exploited by attackers on the same network, particularly if the system is misconfigured to disable encryption. This poses significant risks to smart buildings and industrial systems globally. Read Original »
Cyber Career Opportunities: Weighing Certifications vs. Degrees
The article features Melina Scotto, a seasoned CISO, sharing her insights on career paths in cybersecurity, particularly the debate between obtaining certifications versus degrees. Her experience over 30 years in the industry provides valuable guidance for those looking to advance their careers in cyber. Read Original »
'Fire Ant' Cyber Spies Compromise Siloed VMware Systems
Suspected threat actors with ties to China have successfully targeted virtual environments, employing various tools and techniques to circumvent security measures and access isolated areas of victims' networks. This highlights significant vulnerabilities in the security of VMware systems. Read Original »