CISA Warns of Suspected Broader SaaS Attacks Exploiting App Secrets and Cloud Misconfigs
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday revealed that Commvault is monitoring cyber threat activity targeting applications…
May 2025
GitLab Duo Vulnerability Enabled Attackers to Hijack AI Responses with Hidden Prompts
Cybersecurity researchers have discovered an indirect prompt injection flaw in GitLab's artificial intelligence (AI) assistant Duo that could have allowed…
U.S. CISA adds a Samsung MagicINFO 9 Server flaw to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Samsung MagicINFO 9 Server vulnerability to its Known Exploited Vulnerabilities catalog.…
Oops: DanaBot Malware Devs Infected Their Own PCs
The U.S. government today unsealed criminal charges against 16 individuals accused of operating and selling DanaBot, a prolific strain of…
Following Data Breach, Multiple Stalkerware Apps Go Offline
The same easily exploitable vulnerability was found in three of the apps that led to the compromise of victims' data.
Russian Threat Actor TAG-110 Goes Phishing in Tajikistan
While Ukraine remains Russia's major target for cyberattacks, TAG-110 is part of a strategy to preserve "a post-Soviet sphere of…
Danabot: Analyzing a fallen empire
ESET Research shares its findings on the workings of Danabot, an infostealer recently disrupted in a multinational law enforcement operation
3am Ransomware Adopts Email Bombing, Vishing Combo Attack
The emerging threat group is the latest to adopt the combo attack tactic, which Black Basta and other groups already…
UK Retail Cyberattacks May Drive Up US Insurance Premiums
Insurance experts weigh in on how the recent barrage of attacks against UK retailers could affect premium rates and policy…