Cyber Security
75 articles in this category (Page 2 of 4)
Enterprise Credentials at Risk: The Lifecycle and Impact of Stolen Login Data
Stolen enterprise credentials, sold for as little as $15, enable ransomware, data theft, and significant financial losses. This article explores the lifecycle of credential compromise, common attack vectors, and mitigation strategies.
China-Linked Hackers Exploit Legacy Vulnerabilities for Global Espionage Campaigns
A China-linked threat actor exploited multiple CVEs in April 2025 to target a U.S. non-profit organization, establishing long-term persistence. Other Chinese hacking groups have also launched campaigns across global sectors using advanced techniques like AitM attacks and IIS server compromises.
Samsung Zero-Day Flaw Exploited to Deploy LANDFALL Android Spyware in Middle East
A critical Samsung Galaxy vulnerability (CVE-2025-21042) was exploited as a zero-day to deploy the LANDFALL spyware via WhatsApp images, targeting users in the Middle East before a patch in April 2025.
AI-Driven Malware Exploits Open-Source Trust: VS Code Extension and npm Packages
A malicious VS Code extension with ransomware capabilities and 17 npm packages distributing Vidar Infostealer highlight AI's role in modern supply chain attacks, exploiting open-source ecosystems.
Cisco Warns of Critical Firewall Vulnerabilities Exploited in Zero-Day Attacks
Cisco has disclosed new firewall vulnerabilities (CVE-2025-20333 and CVE-2025-20362) exploited as zero-days, enabling denial-of-service attacks and unauthorized access. Learn about the risks and recommended mitigations.
CISA Adds Gladinet and CWP Vulnerabilities to KEV Catalog Amid Active Exploitation
CISA has added critical vulnerabilities in Gladinet, CWP, and WordPress plugins to its KEV catalog, emphasizing urgent patching due to active exploitation in the wild.
Google Discovers PROMPTFLUX Malware Leveraging Gemini AI for Evasion
Google identifies PROMPTFLUX, a VB Script malware using Gemini AI to rewrite its code hourly for evasion, highlighting rising AI-driven cyber threats and misuse of large language models.