Cloud & DevOps Security Lessons

The discovery of recently disclosed vulnerabilities affecting CyberArk and HashiCorp products has highlighted the urgent need for advanced security governance in cloud-based environments. These flaws, if exploited, could allow attackers to gain elevated access to sensitive enterprise data, manipulate privileged credentials, and disrupt critical services across multiple sectors. The affected solutions are widely deployed in […]

RubyGems & PyPI Breach Alert

On August 8, 2025, security researchers uncovered a large-scale supply chain attack targeting two of the most trusted open-source repositories, RubyGems and the Python Package Index (PyPI). This coordinated campaign involved the upload of dozens of malicious packages that imitated popular libraries, aimed at compromising developer environments and exfiltrating sensitive information.

Attack Summary

Threat actors employed typosquatting […]

Royal & BlackSuit Breach Hits 450+

A recent advisory from the U.S. Department of Homeland Security reveals that the cybercriminal operations known as Royal and BlackSuit have compromised more than 450 U.S. companies. These attacks, spanning critical sectors such as healthcare, education, public safety, energy, and government, have yielded over $370 million in ransom payouts – calculated at current cryptocurrency valuations. […]

End of Legacy in M365 Security

As part of Microsoft’s Secure Future Initiative and its “Secure by Default” approach, Microsoft will begin automatically blocking legacy authentication protocols, specifically RPS (for SharePoint and OneDrive browser access) and FPRPC (used for opening Office files), across all Microsoft 365 tenants. This change rolls out from mid-July 2025 and completes by August 2025, with no additional licensing […]

Smart Contracts Under Siege

Blockchain Meets Malware Command & Control

Researchers have uncovered a sophisticated malware campaign leveraging Ethereum smart contracts as decentralized command-and-control (C2) systems. Attackers are using smart contract-based infrastructure, instead of traditional servers, to issue instructions and maintain persistence in malicious npm package campaigns. This approach transforms blockchain features into resilient attack platforms: immutable, globally accessible, and difficult […]

RMM Hijack: A Silent Threat

Exploiting the Tools You Trust

Security investigators have identified a growing cyber threat: attackers are misusing Remote Monitoring and Management (RMM) tools, such as Atera and Splashtop, to gain sustained access within corporate networks. By deploying multiple RMM agents simultaneously, attackers ensure persistence even if one gets discovered and removed. These tools, normally reserved for legitimate […]

CISA Flags ICS Vulnerabilities

CISA Warns of Critical ICS Vulnerabilities

The Cybersecurity and Infrastructure Security Agency (CISA) has issued two new advisories concerning vulnerabilities and known exploits affecting Industrial Control Systems (ICS). These advisories come as part of the agency’s ongoing efforts to protect the backbone of critical infrastructure from evolving cyber threats. The advisories highlight severe flaws in […]

APT Poses as Tech Recruiter

A New Breed of Social Engineering Threat

A recent investigation has exposed a sophisticated cyber-espionage campaign led by the North Korean-linked group Famous Chollima (APT 37). The group is targeting job seekers, especially software developers and crypto professionals, by impersonating recruiters from well-known companies and delivering malicious payloads disguised as technical assessments. Victims receive seemingly legitimate interview invitations […]

15,000+ Fake TikTok

A Sophisticated Hybrid Scam Uncovered

Cybersecurity researchers recently uncovered a large-scale phishing and malware campaign targeting TikTok Shop users, known as FraudOnTok (previously ClickTok). The operation involves over 15,000 fake domains impersonating TikTok Shop to spread malware and steal cryptocurrency. These malicious websites are promoted using AI-generated influencer videos, fraudulent ads on Meta platforms, and […]

Perimeter at Risk: Akira

A Rising Threat at the Network Edge

On August 4, 2025, cybersecurity researchers confirmed that the Akira ransomware group has launched a coordinated campaign targeting SonicWall SSL VPN appliances. By exploiting either unpatched vulnerabilities or misconfigured security settings, attackers have successfully bypassed authentication controls and deployed ransomware across sectors like healthcare, education, law, logistics, and […]