The Computer Emergency Response Team of Ukraine (CERT-UA) on Tuesday warned of renewed activity from an organized criminal group it tracks as UAC-0173 that involves infecting computers with a remote access trojan named DCRat (aka DarkCrystal RAT).
The Ukrainian cybersecurity authority said it observed the latest attack wave starting in mid-January 2025. The activity is designed to target the

Cybersecurity researchers have flagged a malicious Python library on the Python Package Index (PyPI) repository that facilitates unauthorized music downloads from music streaming service Deezer.
The package in question is automslc, which has been downloaded over 104,000 times to date. First published in May 2019, it remains available on PyPI as of writing.
“Although automslc, which has been

A cyberattack against leading US background screening and drug and alcohol testing company DISA Global Solutions has led to a significant leak impacting 3.3 million people.

Company discloses breach from last year

DISA Global Solutions suffered a security incident last year. While threat actors compromised its systems on Feb. 9, 2024, the company only discovered the breach two months later, on April 22.

DISA kept the incident under wraps and only disclosed the incident last month. An update t

Organizations today face relentless cyber attacks, with high-profile breaches hitting the headlines almost daily. Reflecting on a long journey in the security field, it’s clear this isn’t just a human problem—it’s a math problem. There are simply too many threats and security tasks for any SOC to manually handle in a reasonable timeframe. Yet, there is a solution. Many refer to it as SOC 3.0—an

A secondary school struggling to meet standards made a remarkable turnaround thanks to a bold decision to tackle smartphone distractions head-on.

In 2023, teachers from Cumberland Community School in Newham, East London, asked students to delete their social media platforms and take part in compulsory revision sessions. 160 students out of 300 agreed, and some students even handed over their phones entirely to stay focused.

The results were nothing short of transformative.

At the end of 2024,

Universities and government organizations in North America and Asia have been targeted by a previously undocumented Linux malware called Auto-Color between November and December 2024, according to new findings from Palo Alto Networks Unit 42.
“Once installed, Auto-color allows threat actors full remote access to compromised machines, making it very difficult to remove without specialized

Researchers found an updated LightSpy spyware with enhanced data collection features targeting social media platforms like Facebook and Instagram. Cybersecurity researchers at Hunt.io have found an updated version of the LightSpy spyware that supports an expanded set of data collection features to target social media platforms like Facebook and Instagram. ThreatFabric researchers first discovered a […]

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Partner Center and Synacor Zimbra Collaboration Suite vulnerabilities to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added SonicWall SonicOS and Palo Alto PAN-OS vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. The two vulnerabilities are: The first vulnerability, CVE-2023-34192 (CVSS score: 9.0), is […]