Latest Intelligence
North Korean Operatives Use Deepfakes in IT Job Interviews
North Korean operatives are reportedly using deepfake technology to create synthetic identities for malicious purposes during IT job interviews, aiming to infiltrate Western organizations. This tactic highlights the evolving threats in the hiring process posed by state-sponsored actors.
Japan Warns on Unauthorized Stock Trading via Stolen Credentials
Japan has issued a warning regarding unauthorized stock trading facilitated by attackers using stolen credentials obtained through phishing websites masquerading as legitimate securities company homepages. This issue highlights the significant risks associated with credential theft and its impact on financial security.
Kubernetes Pods Are Inheriting Too Many Permissions
Kubernetes pods are reportedly inheriting excessive permissions, which poses a significant cyber-risk. Research from SANS highlights that securing Kubernetes workload identity can effectively mitigate this risk without the need for additional infrastructure.
DPRK Hackers Steal $137M from TRON Users in Single-Day Phishing Attack
DPRK-linked hackers executed a significant phishing attack, stealing $137 million from TRON users in a single day, highlighting the increasing threat to the Web3 and cryptocurrency sectors driven by financial motivations amid international sanctions. This incident underscores the vulnerabilities present in the cryptocurrency space.
AuthMind Raises $19.3 Million in Seed Funding
AuthMind, an identity protection startup, has successfully raised $19.3 million in a seed funding round led by Cheyenne Ventures. This funding will support the development of their identity protection solutions, which are increasingly critical in today's cybersecurity landscape.
Ethical Zero Day Marketplace Desired Effect Emerges From Stealth
Desired Effect has emerged as an ethical vulnerability exchange marketplace aimed at equipping defenders with the tools to stay ahead of cyber attackers. This initiative signifies a shift towards responsible disclosure and collaboration in cybersecurity.
Endor Labs Raises $93 Million for AppSec Platform
Endor Labs has successfully raised $93 million in a Series B funding round, which will be used to expand its Application Security (AppSec) platform. This funding highlights the growing importance of application security in the cybersecurity landscape.
The Foundations of a Resilient Cyber Workforce
The article emphasizes the importance of building a resilient cyber workforce amidst increasing threats from insiders and nation-state adversaries. It highlights the need for transparency, ethical leadership, and a trust-based culture within organizations to effectively tackle these challenges.
Chainguard Raises Hefty $356M Series D at $3.5 Billion Valuation
Chainguard has successfully raised $356 million in a Series D funding round, bringing its total funding to approximately $612 million since its inception in 2021. This funding values the company at $3.5 billion, highlighting the growing interest and investment in cybersecurity solutions.
Iran-Linked Hackers Target Israel with MURKYTOUR Malware via Fake Job Campaign
Iran-linked hackers, identified as UNC2428, have been targeting Israel using a backdoor malware called MURKYTOUR through a job-themed social engineering campaign. This incident highlights ongoing cyber espionage efforts aligned with Iranian interests.
Files Deleted From GitHub Repos Leak Valuable Secrets
A security researcher has uncovered numerous leaked secrets by recovering files that were deleted from GitHub repositories. This issue highlights the risks associated with improperly managing sensitive information in version control systems.
Android Spyware Disguised as Alpine Quest App Targets Russian Military Devices
Researchers have uncovered a malicious campaign targeting Russian military personnel, distributing Android spyware disguised as the Alpine Quest mapping application. This threat highlights the ongoing cybersecurity challenges faced by military organizations and the tactics employed by attackers to infiltrate their systems.
Miggo Security Banks $17M Series A for ADR Technology
Miggo Security, an Israeli runtime application security startup, has successfully secured $17 million in a Series A funding round to enhance its ADR technology. This investment, led by SYN Ventures and YL Ventures, underscores the growing importance of application security in the cybersecurity landscape.
Picnic Corporation Rebrands to VanishID, Raises $10 Million
Picnic Corporation has undergone a rebranding to VanishID, coinciding with the introduction of a new privacy and security offering aimed at CEOs. This strategic move is significant as it reflects the company's focus on enhancing privacy solutions in the cybersecurity landscape.
Three Reasons Why the Browser is Best for Stopping Phishing Attacks
Phishing attacks are a growing threat in 2025, with attackers increasingly using identity-based techniques rather than software exploits. This shift highlights the need for effective browser-based solutions to combat these attacks and protect sensitive information.