Cybersecurity
General cybersecurity news and analysis

Hacktivist-Driven DDoS Stunning Surge Alarms Public Sector
Imagine a city more threatened by a flood of malicious internet traffic than a broken water main — last year denial-of-service attacks, many driven by hacktivists, made up about 60% of public-sector incidents, knocking out services and eroding trust without stealing a byte. With billions of poorly secured IoT devices and cheap DDoS-for-hire markets, even small groups can weaponize networks to silence government portals and disrupt daily life.

Hackers Weaponize Windows Hyper-V in Stunning EDR Evasion
Think your EDR has you covered? Attackers are enabling Windows Hyper-V on compromised machines and spinning up tiny Alpine Linux VMs to run malware out of sight of host-based sensors—making virtualization the new stealth tactic defenders must watch for.

SonicWall Exclusive Damaging State-Sponsored Cloud Breach
Imagine handing someone the wiring diagram to your house—now replace the house with your network: SonicWall says a state-sponsored actor used an API to access cloud-stored firewall configuration backups, exposing admin credentials, VPN keys and network blueprints that could let attackers slip past defenses.

UNK_SmudgedSerpent Exclusive: Dangerous Lures for Academics
Think your inbox is just clutter? A newly observed actor, UNK_SmudgedSerpent, is luring academics with plausible conference invites, fake collaboration requests and weaponized drafts to steal unpublished research and private correspondence—forcing universities to choose between openness and much tougher defenses.

AMD Stunning Crypto Bug Exposes Critical RNG Flaw
Could a handful of bits quietly unravel the trust behind bank logins and encrypted cloud workloads? Researchers uncovered an AMD RNG flaw in Ryzen and EPYC chips that lets local privileged operations weaken key generation—AMD has microcode patches underway, so admins should prioritize updates.

SmudgedSerpent Exclusive: Dangerous Hackers Target Experts
Meet SmudgedSerpent: during the summer 2025 Iran–Israel flare-up a stealthy cyber cluster used precision social engineering to target academics and policy experts. By exploiting researchers’ networks and unpublished work, these attacks show how adversaries now shape information and influence far faster than old‑school espionage.

Claude Desktop Extensions Exclusive: Critical Prompt Risk
Claude Desktop extensions make assistants truly useful — but when they execute local actions, attackers can turn innocent prompts into harmful commands. The recent command‑injection flaws in three extensions, now patched by Anthropic, are a reminder that convenience brings new security risks.

CISA Adds Gladinet, CWP to KEV: Exclusive Critical Alert
CISA has quietly added Gladinet and Control Web Panel to its Known Exploited Vulnerabilities list after evidence of active attacks. These flaws — including CVE-2025-11371 (CVSS 7.5) — are no longer theoretical and should be prioritized for immediate patching and mitigation.

Uncle Sam Demands DNA: Exclusive, Troubling Iris Scan
The Department of Homeland Security is proposing to collect iris scans, facial photos and cheek‑swab DNA from immigration applicants — and in some cases from U.S. citizens linked to those cases. Critics say the invasive move raises serious privacy, security and mission‑creep concerns, especially given the irreversible nature of biometric and genetic data.

Russian spies Exclusive: Dangerous VM malware on Windows
Meet Curly COMrades — a spy group that runs a tiny Alpine Linux “shadow OS” inside a hidden Hyper‑V VM on compromised Windows hosts, letting them slip past endpoint tools and quietly harvest data, credentials and long‑term access.

French Police Seize €1.6m in Exclusive Costly Crypto Sting
How do you chase money that lives in code and shadows? French investigators and Europol answered with blockchain sleuthing and old‑fashioned detective work — freezing €1.6m and arresting nine suspects in a cross‑border crypto fraud takedown.

Cybercriminals Targeting Payroll Sites Exclusive Warning
Imagine your paycheck landing in a strangers account—criminals are targeting payroll systems with social‑engineering scams that hijack credentials and reroute direct deposits. Simple fixes like multi‑factor authentication, tighter admin privileges, and out‑of‑band approvals can stop them before paychecks disappear.

OpenAI Assistants API Exclusive: Critical SesameOp Backdoor
Imagine your helpful AI assistant secretly moonlighting as a command-and-control courier — researchers found the SesameOp backdoor using OpenAI’s Assistants API to stealthily ferry attacker commands and exfiltrated data. This clever pivot turns trusted productivity integrations into covert channels, forcing a rethink of how we govern and monitor AI tools.

Scattered Spider Exclusive: Dangerous Unified Collective
Imagine low‑tech social engineering and SIM swaps teaming up with mass data brokers — that’s Scattered Spider, ShinyHunters and LAPSUS$ fusing tactics to turn bulk theft into pinpoint extortion. Security teams and cloud customers now face a hybrid, high‑leverage threat targeting SaaS platforms like Salesforce.

Teams Flaw: Stunning Reveal of Critical Boss Spoofing
A newly revealed Microsoft Teams vulnerability let attackers convincingly impersonate executives, forge messages and even rewrite chat history—turning everyday collaboration into a pathway for fraud and data theft. Learn how Check Point’s findings expose the danger of boss‑spoofing and what organizations need to patch now.

Identity Exclusive: Cloud’s Worst Security Risk
Identity is the single biggest cloud security risk — but with smarter access controls and a few practical fixes, you can shut down the weakest link fast.

DeFi Protocol Balancer Suffers Stunning $120M Heist
Who guards the guards? A sophisticated Balancer exploit drained over $120 million from the protocol’s liquidity pools, jolting the DeFi community and forcing a hard rethink of how permissionless innovation can survive against fast, well‑resourced attackers.

Google AI Stunningly Exposes 5 Critical Safari WebKit Flaws
Googles AI, Big Sleep, exposed five critical security flaws in WebKit — including a buffer‑overflow that could trigger crashes or memory corruption. It’s a stark reminder that AI speeds up vulnerability discovery, shortening the window defenders have to patch Safari’s engine before attackers catch up.

Xi Jinping Exclusive: Damaging Joke on Xiaomi Backdoors
Xi Jinpings offhand joke about Xiaomi backdoors — met with a laugh from South Koreas president — turned a light moment into a diplomatic ripple, reigniting real doubts about device security and supply‑chain vulnerabilities.

Ransomware negotiator: Exclusive Guide to Best Practices
When the ransomware negotiator you trusted to defuse an attack becomes the attacker, the breach of trust is catastrophic. This guide explains what happened, why it matters, and how organizations can guard against insider betrayal.

AWS Targets Security Startups: Exclusive Best Bets
With just two weeks to apply, AWS Targets Security Startups fast-tracks early cloud and AI security founders into a cohort with AWS, CrowdStrike and Nvidia for mentorship, technical integration, and investor introductions. Its a rare chance to turbocharge fundraising and distribution—if youre ready to trade some independence for speed.

Malicious VSX Extension Stunning Risk: Ethereum C2
Heads up: a malicious VSX extension is covertly turning browsers into Ethereum C2 endpoints—check your extensions now to protect your wallets and data.

CISA and NSA Exclusive Best Practices for Exchange Servers
CISA and the NSA have published a pragmatic, time‑sensitive blueprint to shore up Exchange security. It prioritizes fast hardening, sharper detection, and stricter access governance so you can assume breach and cut attackers’ windows to exploit your systems.

New GDI Flaws: Exclusive Critical Windows RCE Risk
Imagine the Graphics Device Interface — the decades-old Windows component that renders windows, text and images — suddenly becoming an open door for attackers: researchers disclosed GDI flaws that can enable remote code execution or sensitive data leaks via crafted images or fonts. Until patches arrive, treat untrusted images and documents cautiously, tighten monitoring, and apply least-privilege controls to reduce risk.