Skip to main content

Cybersecurity

General cybersecurity news and analysis

Payroll Pirate Crew: Exclusive Risky Threat to Campuses

Payroll Pirate Crew: Exclusive Risky Threat to Campuses

Microsoft warns a cybercriminal group dubbed the Payroll Pirate Crew is targeting U.S. universities with phishing attacks that hijack HR systems to quietly reroute paychecks, leaving staff suddenly unpaid and campuses scrambling. Universities should tighten MFA, limit admin privileges, and require out‑of‑band verification for bank‑detail changes to protect employees and reputations.

Analyst 207
CVE-2025-10035: Stunning Critical Timeline Exposed

CVE-2025-10035: Stunning Critical Timeline Exposed

Fortra’s timeline reveals CVE-2025-10035 in GoAnywhere MFT was actively exploited from at least Sept. 11, 2025 — a wake-up call to patch immediately, audit transfer logs, and lock down MFT servers before attackers move laterally or steal data.

Analyst 207
AI Vulnerability Reward Program: Exclusive $30K Best Win

AI Vulnerability Reward Program: Exclusive $30K Best Win

Google’s new AI Vulnerability Reward Program offers up to $30,000 to researchers who responsibly report model flaws — a smart, practical move to incentivize fixes, curb abuse, and make AI safer for everyone.

Analyst 207
AI SOC: Must-Have Guide to Best (and Risky) Platforms

AI SOC: Must-Have Guide to Best (and Risky) Platforms

By 2026 SOCs will run as much on software agents as on analysts, with copilots, autonomous agents, and hybrid platforms transforming detection, response, and who holds decision authority. Pick tools that speed response but also deliver clear explainability, strong governance, and real adversarial testing so automation amplifies human wisdom instead of human error.

Analyst 207
malicious npm packages: Stunning Critical Threat Revealed

malicious npm packages: Stunning Critical Threat Revealed

Researchers uncovered Beamglea — 175 malicious npm packages downloaded about 26,000 times — that quietly hosted credential‑harvesting phishing campaigns against 135+ organizations, a stark reminder that the convenience of open-source packages can become a gateway for large‑scale theft.

Analyst 207
Oracle E-Business Suite Risky: Must-Have Breach Guide

Oracle E-Business Suite Risky: Must-Have Breach Guide

Google’s Threat Analysis Group says the Clop ransomware gang accessed a large volume of data from Oracle E-Business Suite — a wake-up call for any org that hasn’t checked who holds the keys to its crown jewels. Now’s the time to hunt for shadow EBS instances, tighten access, and patch or segment vulnerable systems before attackers turn stolen data into extortion.

Analyst 207
Dark, industrial control room with a central server and computer terminals displaying distorted water flow and pressure…

water utility attack: Exclusive Risky Honeypot Revelation

Security researchers watched a pro‑Russia hacktivist group walk straight into a lifelike water‑utility honeypot, giving defenders a rare, risk‑free look at their reconnaissance and tools. That intel shows how deception can turn attacker curiosity into actionable defenses—vital for protecting water systems that, if disrupted, could threaten public safety.

Analyst 207
firewall configuration backup files: Stunning Risk Exposed

firewall configuration backup files: Stunning Risk Exposed

SonicWall says cloud-stored firewall backups were accessed — and even encrypted configuration files can give attackers a dangerous roadmap to your network. Act now: audit affected devices, rotate credentials, enable MFA, and tighten management access to close the window for targeted attacks.

Analyst 207
cloud backups Risky: Stunning SonicWall Breach Exposes All

cloud backups Risky: Stunning SonicWall Breach Exposes All

Imagine your firewall’s master keys were left exposed — that’s what SonicWall customers discovered after the vendor revised its estimate from 5% to 100% of cloud backups affected, potentially exposing VPN credentials and network topology. If you used SonicWall cloud backups, inventory impacted devices, rotate credentials, and assume the worst while you await forensic details.

Analyst 207
public Wi‑Fi Must-Have Security: Best Practices

public Wi‑Fi Must-Have Security: Best Practices

Free public Wi‑Fi brings huge civic benefits—but every hotspot is also a potential entry point for attackers, so CISOs must balance easy access with strong defenses. Prioritize segmentation, modern authentication, vendor controls, and clear public onboarding so communities stay connected without exposing municipal systems or citizen data.

Analyst 207
AI browsers Risky: Stunning Security Wake-Up

AI browsers Risky: Stunning Security Wake-Up

A new SquareX Labs analysis warns that AI browsers—promising smarter, hands‑free browsing—may open fresh security gaps by blending models, plugins and persistent state, creating new attack surfaces for credential theft and model poisoning. Users and enterprises should treat AI-driven suggestions cautiously and push for stronger sandboxing, permission controls and oversight before convenience outpaces safety.

Analyst 207
ClayRat spyware: Exclusive Risky Android Threat

ClayRat spyware: Exclusive Risky Android Threat

Imagine a trusted Telegram app secretly scanning your messages, recording calls and sending everything off-device — that’s exactly what the new ClayRat spyware campaign is doing by spreading fake Android APKs through Telegram channels. Avoid sideloading, tighten app permissions, and treat APK links with suspicion to stop your phone from becoming a surveillance tool.

Analyst 207
cloud backup service Risky Breach: Must-Have Fixes

cloud backup service Risky Breach: Must-Have Fixes

SonicWall says attackers accessed cloud backup files holding encrypted firewall credentials and configs — turning the safety net meant to speed recovery into a potential roadmap for targeted attacks. If you used their Cloud Backup, assume exposure: rotate keys and credentials, review firewall and VPN access, and verify your backups and key management now.

Analyst 207
observability and threat hunting: Must-Have Critical Fixes

observability and threat hunting: Must-Have Critical Fixes

The NCSC warns many organisations are blind to attackers already inside their networks and is urging urgent improvements in observability and threat hunting. Its practical guidance shows how better telemetry, retention and detection engineering can help teams find, contain and recover from breaches faster.

Analyst 207
Windows 10 end-of-life: Must-Have Guide to Risky Exposure

Windows 10 end-of-life: Must-Have Guide to Risky Exposure

Microsoft ends Windows 10 security updates mid‑October, yet roughly 40% of endpoints still run it — leaving millions of devices exposed. Now’s the time to inventory systems, prioritize upgrades, or put strong compensating controls in place before the updates stop.

Analyst 207
authentication bypass: Critical, Dangerous Exploit

authentication bypass: Critical, Dangerous Exploit

Thousands of WordPress sites are at risk after a critical authentication bypass (CVE-2025-5947, CVSS 9.8) in the Service Finder theme and bundled Bookings plugin is being actively exploited — attackers can log in as any user, including admins. If you run that theme, update or disable it now, audit for signs of compromise, and restore from clean backups if needed.

Analyst 207
extortion attempt: Exclusive Risky Refusal Shakes Trust

extortion attempt: Exclusive Risky Refusal Shakes Trust

When an extortionist claimed nearly a billion Salesforce records were stolen, the company made a bold choice: no negotiation, no payment. That stance forces customers and the industry to balance short-term harm against the long-term need to deter cybercrime.

Analyst 207
WordPress themes and plugins: Risky Must-Have Fix

WordPress themes and plugins: Risky Must-Have Fix

A routine verification prompt can hide a dangerous trap: attackers are hijacking WordPress themes and plugins to inject stealthy JavaScript that redirects visitors to convincing phishing pages. Keep themes and plugins updated, use strong admin controls and a WAF, and vet all extensions to stop these silent, high-impact compromises before they spread.

Analyst 207
automated license-plate readers: Stunning Privacy Risk

automated license-plate readers: Stunning Privacy Risk

Retired Navy veteran Lee Schmidt and co-plaintiff Crystal Arrington say they were tracked hundreds of times by Flock’s automated license-plate readers, sparking a federal lawsuit that asks whether neighborhood safety tools have quietly become mass surveillance. As courts and communities wrestle with warrantless access, the case highlights how searchable location logs can map our every move — and why many call for stronger limits and transparency.

Analyst 207
PHP web shells: Exclusive Alert – Dangerous Campaign

PHP web shells: Exclusive Alert – Dangerous Campaign

A new campaign is exploiting unpatched PHP web apps to plant web shells and deploy Nezha and Ghost RAT for fast, persistent access — a clear reminder to patch, harden, and monitor your web-facing systems now.

Analyst 207
Chat Control: Stunning German Win vs Risky EU Plan

Chat Control: Stunning German Win vs Risky EU Plan

Germany has put the brakes on the EU’s controversial “Chat Control” device‑scanning plan, turning a behind‑closed‑doors tech debate into a public showdown over encryption, privacy and how far governments should go to fight child abuse. Its opposition could stall client‑side scanning and forces Brussels to choose whether to prioritize citizens’ privacy or new surveillance powers.

Analyst 207
Embed AI Now: Must-Have Fix to Reduce Risk

Embed AI Now: Must-Have Fix to Reduce Risk

AI can find vulnerabilities in seconds but also flood teams with noisy alerts — embedding AI thoughtfully with context-aware scoring, human-in-the-loop checks, and better telemetry turns automation into a force-multiplier that speeds remediation and reduces risk.

Analyst 207
Met Police arrest two teens: Shocking Risky Warning

Met Police arrest two teens: Shocking Risky Warning

Two 17‑year‑olds have been arrested after a cyber-attack on Kido nurseries exposed sensitive staff and parent data — a stark reminder that even childcare providers need stronger security, clear answers and better protections for families now.

Analyst 207
pasting personally identifiable information: Risky Stunning

pasting personally identifiable information: Risky Stunning

We keep pasting customer names, order numbers and card details into ChatGPT because it’s fast — but one casual prompt can lead to fines, fraud and lost trust. Make safe AI the easy choice: use sanctioned tools, DLP and clear rules before your next prompt.

Analyst 207