EPSS vs. CVSS: What’s the Best Approach to Vulnerability Prioritization?
Many businesses rely on the Common Vulnerability Scoring System (CVSS) to assess the severity of vulnerabilities for prioritization. While these scores provide some insight...
Watering Hole Attack on Kurdish Sites Distributing Malicious APKs and Spyware
As many as 25 websites linked to the Kurdish minority have been compromised as part of a watering hole attack designed to harvest sensitive...
Cloudflare Warns of India-Linked Hackers Targeting South and East Asian Entities
An advanced threat actor with an India nexus has been observed using multiple cloud service providers to facilitate credential harvesting, malware delivery, and command-and-control...
Chinese Hackers Infiltrate U.S. Internet Providers in Cyber Espionage Campaign
Nation-state threat actors backed by Beijing broke into a "handful" of U.S. internet service providers (ISPs) as part of a cyber espionage campaign orchestrated...
Google’s Shift to Rust Programming Cuts Android Memory Vulnerabilities by 52%
Google has revealed that its transition to memory-safe languages such as Rust as part of its secure-by-design approach has led to the percentage of...
Mozilla Faces Privacy Complaint for Enabling Tracking in Firefox Without User Consent
Vienna-based privacy non-profit noyb (short for None Of Your Business) has filed a complaint with the Austrian data protection authority (DPA) against Firefox maker...
Cybersecurity Researchers Warn of New Rust-Based Splinter Post-Exploitation Tool
Cybersecurity researchers have flagged the discovery of a new post-exploitation red team tool called Splinter in the wild.Palo Alto Networks Unit 42 shared its...
Expert Tips on How to Spot a Phishing Link
Phishing attacks are becoming more advanced and harder to detect, but there are still telltale signs that can help you spot them before it's...
Agentic AI in SOCs: A Solution to SOAR’s Unfulfilled Promises
Security Orchestration, Automation, and Response (SOAR) was introduced with the promise of revolutionizing Security Operations Centers (SOCs) through automation, reducing manual workloads and enhancing...
ChatGPT macOS Flaw Could’ve Enabled Long-Term Spyware via Memory Function
A now-patched security vulnerability in OpenAI's ChatGPT app for macOS could have made it possible for attackers to plant long-term persistent spyware into the...
