Latest Cybersecurity News
View all →
How the “Swiss Cheese” model can help you choose the right MDR provider
Not all managed detection and response (MDR) solutions are equal. Finding the differences between vendors can be quite hard, and then understanding how those differences…
Hugging Face Transformers RCE flaw enables stealthy compromise via AI model configs
“The malicious field uses an underscore-prefixed name that looks like an internal implementation detail — the kind of field that config files are full of,”…
How Hackers Exploit Windows Administrative Shares
The Huntress SOC team continues to see new Emotet, Trickbot, and Qakbot malware outbreaks within networks — regardless of antivirus, anti-spam, or firewall solutions. As a…
Hackers Are After the Gaps in Your Vulnerability Program: Here’s Their Playbook
A forum thread titled “Hacking for Profit. Working method” offers a rare glance into how underground communities pass information about vulnerability exploitation and hacking techniques…
Weaponized ChatGPT Download Site Delivers Malware Via Sponsored Search Results
A new malvertising campaign is exploiting ChatGPT’s popularity by promoting a weaponized fake download site via sponsored search results, delivering malware to both Windows and…
Frontline Workers Twice as Likely to Use Unapproved AI
New research by Mitel has revealed a widening gap between AI adoption and enablement, with limited support and low confidence contributing to the rise of…
Fake Ghidra, dnSpy & SpiderFoot Sites Used to Spread Malware
Hackers are abusing search results and professional-looking fake download portals to distribute malware by impersonating popular security tools like Ghidra, dnSpy, and SpiderFoot. These sites…
Lazarus Group Uses npm Brandjacking Campaign to Target Developers
A new npm campaign linked to North Korea’s Lazarus Group shows how attackers are using familiar-looking package names to gain access to developers’ systems and…
Scam Compound Trafficking Victim To Cybercrime Whistleblower: Mohammad Muzahir’s Story
04 Jun Scam Compound Trafficking Victim To Cybercrime Whistleblower: Mohammad Muzahir’s Story Posted at 08:43h in Blogs by Taylor Fox This week in cybersecurity from…