Crypto Scams in Firefox
Mozilla Firefox add-on ecosystem has recently become the target of a sophisticated and dangerous attack. Over 40 fake cryptocurrency wallet extensions were discovered in the Firefox Add-ons Store, mimicking popular digital wallets such as Ledger, MetaMask, Trezor, and Rabby. These malicious add-ons are designed with one purpose – to steal users’ seed phrases and drain […]
Defending Infrastructure from Cyber Threats
In today’s interconnected world, cyber threats from nation-state actors pose significant risks to essential services and national security. Recent alerts from leading U.S. cybersecurity agencies warn of increasing activity by Iranian-affiliated cyber actors targeting vulnerable networks across government, energy, finance, healthcare, and technology sectors. These state-sponsored threats are sophisticated and persistent, using a variety of […]
SEC’s New Data Privacy Rules
Financial institutions are now operating under tighter scrutiny with the SEC’s newly adopted amendments to Regulation S‑P. These updates mark a significant shift in how broker-dealers, investment advisers, and transfer agents must safeguard client data, respond to security incidents, and notify affected individuals. This move comes in response to a growing number of cyber breaches […]
GIFTEDCROOK’s Silent Threat
On June 28, cybersecurity researchers confirmed that the GIFTEDCROOK malware has evolved from a basic data stealer into a powerful intelligence-gathering weapon. Once known for stealing browser credentials and cookies, GIFTEDCROOK is now targeting sensitive documents from high-value sectors like government, finance, and healthcare. Recent attacks show that threat actors are actively using this malware […]
New York’s Cyber Mandate
The insurance industry is facing an unprecedented surge in Cyber threats against public agencies have reached a critical tipping point. In response, New York State has enacted a new law that marks a major leap in government cyber accountability. The legislation now mandates that municipalities and local public authorities report cyberattacks within 72 hours and […]
LapDogs & ORB Espionage
In the dim corridors of global cyber activity, a new actor has emerged not as a singular attacker, but as a silent, distributed network weaving through homes and small offices. The LapDogs campaign, uncovered by SecurityScorecard’s STRIKE team, presents a chilling example of how inconspicuous devices can be transformed into powerful espionage tools. This discovery reveals over […]
African Banks Under Siege
Cybersecurity threats are no longer limited to sophisticated malware built in the shadows. Increasingly, open-source tools-widely used for legitimate testing and development-are being exploited by cybercriminals to breach financial institutions across Africa. This evolution marks a significant shift in attacker behavior. Open-source frameworks such as Metasploit, Cobalt Strike, and Empire are enabling attackers to conduct […]
The AI Readiness Gap
The AI Security Wake-Up Call The rapid evolution of artificial intelligence has ushered in a new frontier for productivity, personalization, and automation across every sector-from finance and healthcare to retail and SaaS. But as adoption skyrockets, one truth becomes painfully clear: the vast majority of organizations are dangerously unprepared for the cybersecurity threats emerging alongside […]
SAP & Citrix: Hidden Threats
SAP’s latest security bulletin sent ripples through enterprise IT teams, uncovering flaws in one of the most used enterprise tools: SAP GUI. Two medium-severity vulnerabilities (CVE-2025–0055 and CVE-2025–0056) in SAP GUI for Windows and Java reveal how innocuous features can evolve into exploitable weak points particularly when they handle sensitive memory. At the heart of […]
Aflac Cybersecurity Incident
In today’s digital landscape, trust forms the backbone of business operations, especially in industries managing sensitive personal information. On June 25, 2025, Aflac, a leading US health and life insurance provider, revealed it was investigating a cybersecurity incident affecting its US network. Although investigations are ongoing, early indicators suggest the attack may be linked to […]