Agentic AI in the SOC – Dawn of Autonomous Alert Triage
Security Operations Centers (SOCs) today face unprecedented alert volumes and increasingly sophisticated threats. Triaging and investigating these alerts are costly, cumbersome, and increases analyst...
UAC-0226 Deploys GIFTEDCROOK Stealer via Malicious Excel Files Targeting Ukraine
The Computer Emergency Response Team of Ukraine (CERT-UA) has revealed a new set of cyber attacks targeting Ukrainian institutions with information-stealing malware.The activity is...
CISA Adds CrushFTP Vulnerability to KEV Catalog Following Confirmed Active Exploitation
A recently disclosed critical security flaw impacting CrushFTP has been added by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to its Known Exploited...
Google Releases Android Update to Patch Two Actively Exploited Vulnerabilities
Google has shipped patches for 62 vulnerabilities, two of which it said have been exploited in the wild.The two high-severity vulnerabilities are listed below...
CISA and FBI Warn Fast Flux is Powering Resilient Malware, C2, and Phishing Networks
Cybersecurity agencies from Australia, Canada, New Zealand, and the United States have published a joint advisory about the risks associated with a technique called...
⚡ Weekly Recap: VPN Exploits, Oracle’s Silent Breach, ClickFix Comeback and More
Today, every unpatched system, leaked password, and overlooked plugin is a doorway for attackers. Supply chains stretch deep into the code we trust, and...
Security Theater: Vanity Metrics Keep You Busy – and Exposed
After more than 25 years of mitigating risks, ensuring compliance, and building robust security programs for Fortune 500 companies, I've learned that looking busy...
PoisonSeed Exploits CRM Accounts to Launch Cryptocurrency Seed Phrase Poisoning Attacks
A malicious campaign dubbed PoisonSeed is leveraging compromised credentials associated with customer relationship management (CRM) tools and bulk email providers to send spam messages...
Microsoft Credits EncryptHub, Hacker Behind 618+ Breaches, for Disclosing Windows Flaws
A likely lone wolf actor behind the EncryptHub persona was acknowledged by Microsoft for discovering and reporting two security flaws in Windows last month,...
North Korean Hackers Deploy BeaverTail Malware via 11 Malicious npm Packages
The North Korean threat actors behind the ongoing Contagious Interview campaign are spreading their tentacles on the npm ecosystem by publishing more malicious packages...
