Bytes of Wisdom, Bits of Security
Elastic Releases Urgent Fix for Critical Kibana Vulnerability Enabling Remote Code Execution
Elastic has rolled out security updates to address a...
China-Linked Silk Typhoon Expands Cyber Attacks to IT Supply Chains for Initial Access
The China-lined threat actor behind the zero-day exploitation of...
Identity: The New Cybersecurity Battleground
The rapid adoption of cloud services, SaaS applications, and...
Chinese APT Lotus Panda Targets Governments With New Sagerunex Backdoor Variants
The threat actor known as Lotus Panda has been...
Google Rolls Out AI Scam Detection for Android to Combat Conversational Fraud
Google has announced the rollout of artificial intelligence (AI)-powered...
Dark Caracal Uses Poco RAT to Target Spanish-Speaking Enterprises in Latin America
The threat actor known as Dark Caracal has been...
Defending against USB drive attacks with Wazuh
USB drive attacks constitute a significant cybersecurity risk, taking...
VMware Security Flaws Exploited in the Wild—Broadcom Releases Urgent Patches
Broadcom has released security updates to address three actively...
Google’s March 2025 Android Security Update Fixes Two Actively Exploited Vulnerabilities
Google has released its monthly Android Security Bulletin for...
Cisco, Hitachi, Microsoft, and Progress Flaws Actively Exploited—CISA Sounds Alarm
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on...
Over 4,000 ISP IPs Targeted in Brute-Force Attacks to Deploy Info Stealers and Cryptominers
Internet service providers (ISPs) in China and the West...
Suspected Iranian Hackers Used Compromised Indian Firm’s Email to Target U.A.E. Aviation Sector
Threat hunters are calling attention to a new highly-targeted...
How New AI Agents Will Transform Credential Stuffing Attacks
Credential stuffing attacks had a huge impact in 2024,...
The New Ransomware Groups Shaking Up 2025
In 2024, global ransomware attacks hit 5,414, an 11%...
⚡ THN Weekly Recap: Alerts on Zero-Day Exploits, AI Breaches, and Crypto Heists
This week, a 23-year-old Serbian activist found themselves at...
U.K. ICO Investigates TikTok, Reddit, and Imgur Over Children’s Data Protection Practices
The U.K.’s Information Commissioner’s Office (ICO) has opened an...
Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks
Threat actors have been exploiting a security vulnerability in...
Hackers Use ClickFix Trick to Deploy PowerShell-Based Havoc C2 via SharePoint Sites
Cybersecurity researchers are calling attention to a new phishing...
Amnesty Finds Cellebrite’s Zero-Day Used to Unlock Serbian Activist’s Android Phone
A 23-year-old Serbian youth activist had their Android phone...
Mozilla Updates Firefox Terms Again After Backlash Over Broad Data License Language
Firefox browser maker Mozilla on Friday updated its Terms...
5,000 Phishing PDFs on 260 Domains Distribute Lumma Stealer via Fake CAPTCHAs
Cybersecurity researchers have uncovered a widespread phishing campaign that...
RDP: a Double-Edged Sword for IT Teams – Essential Yet Exploitable
Remote Desktop Protocol (RDP) is an amazing technology developed...
Silver Fox APT Uses Winos 4.0 Malware in Cyber Attacks Against Taiwanese Organizations
A new campaign is targeting companies in Taiwan with...
Sticky Werewolf Uses Undocumented Implant to Deploy Lumma Stealer in Russia and Belarus
The threat actor known as Sticky Werewolf has been...
12,000+ API Keys and Passwords Found in Public Datasets Used for LLM Training
A dataset used to train large language models (LLMs)...
Microsoft Exposes LLMjacking Cybercriminals Behind Azure AI Abuse Scheme
Microsoft on Thursday unmasked four of the individuals that...
Bybit Hack Traced to Safe{Wallet} Supply Chain Attack Exploited by North Korean Hackers
The U.S. Federal Bureau of Investigation (FBI) formally linked...
PolarEdge Botnet Exploits Cisco and Other Flaws to Hijack ASUS, QNAP, and Synology Devices
A new malware campaign has been observed targeting edge...
New TgToxic Banking Trojan Variant Evolves with Anti-Analysis Upgrades
Cybersecurity researchers have discovered an updated version of an...
89% of Enterprise GenAI Usage Is Invisible to Organizations Exposing Critical Security Risks, New Report Reveals
Organizations are either already adopting GenAI solutions, evaluating strategies...