Bytes of Wisdom, Bits of Security
Hackers Use CAPTCHA Trick on Webflow CDN PDFs to Bypass Security Scanners
A widespread phishing campaign has been observed leveraging bogus...
Microsoft Uncovers Sandworm Subgroup’s Global Cyber Attacks Spanning 15+ Countries
A subgroup within the infamous Russian state-sponsored hacking group...
Ivanti Patches Critical Flaws in Connect Secure and Policy Secure – Update Now
Ivanti has released security updates to address multiple security...
Microsoft’s Patch Tuesday Fixes 63 Flaws, Including Two Under Active Exploitation
Microsoft on Tuesday released fixes for 63 security flaws...
North Korean Hackers Exploit PowerShell Trick to Hijack Devices in New Cyberattack
The North Korea-linked threat actor known as Kimsuky has...
How to Steer AI Adoption: A CISO Guide
CISOs are finding themselves more involved in AI teams,...
Researchers Find New Exploit Bypassing Patched NVIDIA Container Toolkit Vulnerability
Cybersecurity researchers have discovered a bypass for a now-patched...
Apple Patches Actively Exploited iOS Zero-Day CVE-2025-24200 in Emergency Update
Apple on Monday released out-of-band security updates to address...
Gcore DDoS Radar Reveals 56% YoY Increase in DDoS Attacks
Gcore’s latest DDoS Radar report analyzes attack data from...
Progress Software Patches High-Severity LoadMaster Flaws Affecting Multiple Versions
Progress Software has addressed multiple high-severity security flaws in...
4 Ways to Keep MFA From Becoming too Much of a Good Thing
Multi-factor authentication (MFA) has quickly become the standard for...
Google Confirms Android SafetyCore Enables AI-Powered On-Device Content Classification
Google has stepped in to clarify that a newly...
Zimbra Releases Security Updates for SQL Injection, Stored XSS, and SSRF Vulnerabilities
Zimbra has released software updates to address critical security...
DragonRank Exploits IIS Servers with BadIIS Malware for SEO Fraud and Gambling Redirects
Threat actors have been observed targeting Internet Information Services...
Don’t Overlook These 6 Critical Okta Security Configurations
Given Okta’s role as a critical part of identity...
⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [10 February]
In cybersecurity, the smallest crack can lead to the...
Hackers Exploit Google Tag Manager to Deploy Credit Card Skimmers on Magento Stores
Threat actors have been observed leveraging Google Tag Manager...
Malicious ML Models on Hugging Face Leverage Broken Pickle Format to Evade Detection
Cybersecurity researchers have uncovered two malicious machine learning (ML)...
India’s RBI Introduces Exclusive “bank.in” Domain to Combat Digital Banking Fraud
India’s central bank, the Reserve Bank of India (RBI),...
Microsoft Identifies 3,000 Leaked ASP.NET Keys Enabling Code Injection Attacks
Microsoft is warning of an insecure practice wherein software...
AI-Powered Social Engineering: Reinvented Threats
The foundations for social engineering attacks – manipulating humans...
CISA Warns of Active Exploits Targeting Trimble Cityworks Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has...
DeepSeek App Transmits Sensitive User and Device Data Without Encryption
A new audit of DeepSeek’s mobile app for the...
North Korean APT Kimsuky Uses forceCopy Malware to Steal Browser-Stored Credentials
The North Korea-linked nation-state hacking group known as Kimsuky...
The Evolving Role of PAM in Cybersecurity Leadership Agendas for 2025
Privileged Access Management (PAM) has emerged as a cornerstone...
SparkCat Malware Uses OCR to Extract Crypto Wallet Recovery Phrases from Images
A new malware campaign dubbed SparkCat has leveraged a...
Ransomware Extortion Drops to $813.5M in 2024, Down from $1.25B in 2023
Ransomware attacks netted cybercrime groups a total of $813.5...
Fake Google Chrome Sites Distribute ValleyRAT Malware via DLL Hijacking
Bogus websites advertising Google Chrome have been used to...
Navigating the Future: Key IT Vulnerability Management Trends
As the cybersecurity landscape continues to evolve, proactive vulnerability...
New Veeam Flaw Allows Arbitrary Code Execution via Man-in-the-Middle Attack
Veeam has released patches to address a critical security...