Styx Stealer Creator’s OPSEC Fail Leaks Client List and Profit Details
In what's a case of an operational security (OPSEC) lapse, the operator behind a new information stealer called Styx Stealer…
August 2024
Pro-Russia group Vermin targets Ukraine with a new malware family
The Computer Emergency Response Team of Ukraine (CERT-UA) warned of new phishing attacks, carried out by the Vermin group, distributing…
Chinese Wi-Fi Router Vendor Draws US Congressional Ire
Two congressmen want the US Commerce Department to examine the company's goods and decide if they pose a threat.
Azure Kubernetes Bug Lays Open Cluster Secrets
Vulnerability gave attackers with access to a pod a way to obtain credentials and other secrets.
UAC-0020 (Vermin) Activity Detection: A New Phishing Attack Abusing the Topic of Prisoners of War at the Kursk Front and Using FIRMACHAGENT Malware
The Vermin hacking collective, also tracked as UAC-0020, resurfaces, targeting Ukraine using a novel offensive tool dubbed FIRMACHAGENT. In the…
Vulnerability Management Workflow
Vulnerability Management, the name itself says it all. We all know vulnerability management is crucial for companies and individuals to…
A backdoor in millions of Shanghai Fudan Microelectronics RFID cards allows cloning
A flaw in millions of RFID cards manufactured by Shanghai Fudan Microelectronics allows these contactless cards to be cloned instantly.…
CERT-UA Warns of New Vermin-Linked Phishing Attacks with PoW Bait
The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of new phishing attacks that aim to infect devices with…
Publishers Spotlight: Bedrock Security
I was thrilled to catch up with Bedrock Security during Black Hat USA 2024. The surge in data volume from…
GiveWP WordPress Plugin Vulnerability Puts 100,000+ Websites at Risk
A maximum-severity security flaw has been disclosed in the WordPress GiveWP donation and fundraising plugin that exposes more than 100,000…