North Korea’s APT37 Uses Facebook Social Engineering to Deliver RokRAT Malware
The North Korean hacking group tracked as APT37 (aka ScarCruft) has been attributed to a fresh multi-stage, social engineering campaign…
Cyber Security
OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain Incident
OpenAI revealed a GitHub Actions workflow used to sign its macOS apps, which downloaded the malicious Axios library on March…
CPUID Breach Distributes STX RAT via Trojanized CPU-Z and HWMonitor Downloads
Unknown threat actors compromised CPUID (“cpuidcom”), a website that hosts popular hardware monitoring tools like CPU-Z, HWMonitor, HWMonitor Pro, and…
Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621
Adobe has released emergency updates to fix a critical security flaw in Acrobat Reader that has come under active exploitation…
Key Difference Between an App Developer vs Web Developer
In this post, I will talk about the key difference between an app developer vs web developer. App development is…
Citizen Lab: Law Enforcement Used Webloc to Track 500 Million Devices via Ad Data
Hungarian domestic intelligence, the national police in El Salvador, and several U.S. law enforcement and police departments have been attributed…
HowTo: Configure CyberHoot’s Report Phish Integration for Google Workspace
Google Workspace “Report Phish” Integration Overview Gmail’s built-in “Report Phishing” button sends reports only to Google’s internal Alert Center —…
Hims Breach Exposes the Most Sensitive Kinds of PHI
Threat actors breached the telehealth brand, and now they may know who’s bald, overweight, and impotent. What could they do…
Your Next Breach Will Look Like Business as Usual
These are the fundamental detection model shifts cybersecurity teams need to make to keep up with the rising number of…
Claude Mythos Opened Pandora’s Box. Project Glasswing Is Racing to Close It.
A Practical Brief for vCISOs THE WARNING WE IGNORED OR COULD NOT UNDERSTAND For years, the most credible voices in…