News & Updates

Cybercriminals Use Go Resty and Node Fetch in 13 Million Password Spraying Attempts

/
Cybercriminals are increasingly leveraging legitimate HTTP client tools to facilitate account takeover (ATO) attacks on Microsoft 365 environments.
Enterprise security company Proofpoint said it observed campaigns using HTTP clients Axios and Node Fetch to send HTTP requests and receive HTTP responses from web servers with the goal of conducting ATO attacks.
“Originally sourced from public
News & Updates

Solopreneurs, Beware: Entrepreneurship Is Attractive in Dating—But Romance Scams Can Wreck Your Business

/
Entrepreneurship is more attractive than ever—at least when it comes to dating. A recent survey found that 21% of women are drawn to business owners, making it a more desirable career choice than finance (18%) and tying with creative fields like artistry. Other highly hot ranked careers included healthcare (29%), science (16%), education (23%), and emergency response jobs such as firefighters, EMTs, ER doctors/nurses, (19%).

The survey, conducted on 1,000 men and 1,000 women who are single or c

Threats

CVE-2025-0411 Detection: russian Cybercrime Groups Rely on Zero-Day Vulnerability in 7-Zip to Target Ukrainian Organizations

/

Since a full-scale invasion of Ukraine, cybercriminal groups of russian origin have relentlessly targeted the Ukrainian state bodies and business sectors for espionage and destruction. Recently, cybersecurity researchers uncovered a massive cyber-espionage campaign exploiting a 7-Zip zero-day vulnerability to deliver SmokeLoader malware. The campaign’s ultimate objective was cyber espionage, intensifying the digital frontlines of the […]

The post CVE-2025-0411 Detection: russian Cybercrime Groups Rely on Zero-Day Vulnerability in 7-Zip to Target Ukrainian Organizations appeared first on SOC Prime.

News & Updates

Scammers Pose as Government Officials to Steal Your Money, the FTC Warns

/
Scammers often impersonate government officials or trustworthy agencies to trick consumers into giving out money, passwords and sensitive information. They often pose as representatives of businesses you trust, government agencies, or both. In a new variation of these constantly evolving schemes, scammers are now impersonating Federal Trade Commission (FTC) Chairman Andrew Ferguson.

How the Scam Works

According to a recent FTC consumer alert, the scam usually begins with an unexpected call

News & Updates

New Veeam Flaw Allows Arbitrary Code Execution via Man-in-the-Middle Attack

/
Veeam has released patches to address a critical security flaw impacting its Backup software that could allow an attacker to execute arbitrary code on susceptible systems.
The vulnerability, tracked as CVE-2025-23114, carries a CVSS score of 9.0 out of 10.0.
“A vulnerability within the Veeam Updater component that allows an attacker to utilize a Man-in-the-Middle attack to execute arbitrary code
Scroll to Top