A newly discovered phishing campaign is leveraging a Unicode homoglyph trick to impersonate Booking.com and distribute malicious MSI installers capable of delivering infostealers or remote access trojans (RATs). This attack,Read More →
A newly disclosed pair of critical vulnerabilities in Sudo — the powerful Unix/Linux command-line tool that allows users to run commands as root — poses a significant local privilege escalationRead More →
A coordinated law enforcement operation in France has resulted in the arrest of key figures behind BreachForums, one of the most active and influential marketplaces for cybercriminals in recent years.Read More →
Helm has revolutionized how Kubernetes applications are deployed. A single helm install can launch a fully functioning stack in seconds. But a new report by Microsoft Defender for Cloud revealsRead More →
Cloud security remains an evolving challenge as new attack vectors emerge, often leveraging misconfigurations rather than outright software vulnerabilities. In August 2024, researchers at Datadog Security Labs uncovered a novelRead More →
Researchers have discovered a new attack named SysBumps, which targets macOS systems running on Apple Silicon processors. This attack leverages speculative execution vulnerabilities in system calls to bypass critical securityRead More →
In a concerning development within cybersecurity, attackers have been leveraging DocuSign’s API capabilities to send out fraudulent invoices that closely mimic genuine documents. These campaigns have been rising in frequency,Read More →
The music streaming industry is one of the largest revenue-generating platforms for artists and labels. Streaming services such as Spotify, Apple Music, and others pay royalties to artists based onRead More →
Microsoft experienced a significant disruption across several Azure cloud services on July 30, 2024, due to a distributed denial-of-service (DDoS) attack. The attack, which targeted Azure and Microsoft 365 services,Read More →