Researchers Uncover ‘LLMjacking’ Scheme Targeting Cloud-Hosted AI Models
Cybersecurity researchers have discovered a novel attack that employs stolen cloud credentials to target cloud-hosted large language model (LLM) services with the goal of...
WordPress Plugin Exploited to Steal Credit Card Data from E-commerce Sites
Unknown threat actors are abusing lesser-known code snippet plugins for WordPress to insert malicious PHP code in victim sites that are capable of harvesting...
FBI Distributes 7,000 LockBit Ransomware Decryption Keys to Help Victims
The U.S. Federal Bureau of Investigation (FBI) has disclosed that it's in possession of more than 7,000 decryption keys associated with the LockBit ransomware...
Malware Attackers Using MacroPack to Deliver Havoc, Brute Ratel, and PhantomCore
Threat actors are likely employing a tool designated for red teaming exercises to serve malware, according to new findings from Cisco Talos.The program in...
One More Tool Will Do It? Reflecting on the CrowdStrike Fallout
The proliferation of cybersecurity tools has created an illusion of security. Organizations often believe that by deploying a firewall, antivirus software, intrusion detection systems,...
GSMA Plans End-to-End Encryption for Cross-Platform RCS Messaging
The GSM Association, the governing body that oversees the development of the Rich Communications Services (RCS) protocol, on Tuesday, said it's working towards implementing...
THN Recap: Top Cybersecurity Threats, Tools, and Practices (Nov 11 – Nov 17)
What do hijacked websites, fake job offers, and sneaky ransomware have in common? They're proof that cybercriminals are finding smarter, sneakier ways to exploit...
The Future of Serverless Security in 2025: From Logs to Runtime Protection
Serverless environments, leveraging services such as AWS Lambda, offer incredible benefits in terms of scalability, efficiency, and reduced operational overhead. However, securing these environments...
FBI Deletes PlugX Malware from 4,250 Hacked Computers in Multi-Month Operation
The U.S. Department of Justice (DoJ) on Tuesday disclosed that a court-authorized operation allowed the Federal Bureau of Investigation (FBI) to delete PlugX malware...
Basecamp Successfully Defends Against Credential Stuffing Attack
Basecamp successfully blocked an hour-long credential stuffing attack targeting its platform on January 29, with only around 100 out of the company's advertised user base...