⚡ Weekly Recap: Zero-Day Exploits, Developer Malware, IoT Botnets, and AI-Powered Scams
May 12, 2025Ravie LakshmananCybersecurity / Hacking News
What do a source code editor, a smart billboard, and a web server have in common? They've all become launchpads for attacks—because cybercriminals...
Qilin Ransomware Ranked Highest in April 2025 with 72 Data Leak Disclosures
May 08, 2025Ravie LakshmananThreat Intelligence / Ransomware
Threat actors with ties to the Qilin ransomware family have leveraged malware known as SmokeLoader along with a previously undocumented .NET compiled loader...
Russian Hackers Using ClickFix Fake CAPTCHA to Deploy New LOSTKEYS Malware
The Russia-linked threat actor known as COLDRIVER has been observed distributing a new malware called LOSTKEYS as part of an espionage-focused campaign using ClickFix-like social engineering lures.
"LOSTKEYS is capable...
Qilin Ransomware Ranked Highest in April 2025 with Over 45 Data Leak Disclosures
May 08, 2025Ravie LakshmananThreat Intelligence / Ransomware
Threat actors with ties to the Qilin ransomware family have leveraged malware known as SmokeLoader along with a previously undocumented .NET compiled loader...
Play Ransomware Exploited Windows CVE-2025-29824 as Zero-Day to Breach U.S. Organization
Threat actors with links to the Play ransomware family exploited a recently patched security flaw in Microsoft Windows as a zero-day as part of an attack targeting an unnamed...
Entra ID Data Protection: Essential or Overkill?
Microsoft Entra ID (formerly Azure Active Directory) is the backbone of modern identity management, enabling secure access to the applications, data, and services your business relies on. As hybrid...
Third Parties and Machine Credentials: The Silent Drivers Behind 2025’s Worst Breaches
It wasn't ransomware headlines or zero-day exploits that stood out most in this year's Verizon 2025 Data Breach Investigations Report (DBIR) — it was what fueled them. Quietly, yet...
Automating Zero Trust in Healthcare: From Risk Scoring to Dynamic Policy Enforcement Without Network...
The Evolving Healthcare Cybersecurity Landscape
Healthcare organizations face unprecedented cybersecurity challenges in 2025. With operational technology (OT) environments increasingly targeted and the convergence of IT and medical systems creating...
ToyMaker Uses LAGTOY to Sell Access to CACTUS Ransomware Gangs for Double Extortion
Apr 26, 2025Ravie LakshmananMalware / Vulnerability
Cybersecurity researchers have detailed the activities of an initial access broker (IAB) dubbed ToyMaker that has been observed handing over access to double extortion...
⚡ Weekly Recap: Critical SAP Exploit, AI-Powered Phishing, Major Breaches, New CVEs & More
Apr 28, 2025Ravie LakshmananCybersecurity / Hacking News
What happens when cybercriminals no longer need deep skills to breach your defenses? Today's attackers are armed with powerful tools that do the...