Category: Uncategorized
-
GIFTEDCROOK Malware Evolves: From Browser Stealer to Intelligence-Gathering Tool [email protected] (The Hacker News)
The threat actor behind the GIFTEDCROOK malware has made significant updates to turn the malicious program from a basic browser data stealer to a potent intelligence-gathering tool. “Recent campaigns in June 2025 demonstrate GIFTEDCROOK’s enhanced ability to exfiltrate a broad range of sensitive documents from the devices of targeted individuals, including potentially proprietary files andRead…
-
Facebook’s New AI Tool Asks to Upload Your Photos for Story Ideas, Sparking Privacy Concerns [email protected] (The Hacker News)
Facebook, the social network platform owned by Meta, is asking for users to upload pictures from their phones to suggest collages, recaps, and other ideas using artificial intelligence (AI), including those that have not been directly uploaded to the service. According to TechCrunch, which first reported the feature, users are being served a new pop-up…
-
12 DevSecOps tools to secure each step of the SDLC
DevSecOps tools integrate security throughout development. These 12 options enhance workflows from coding to deployment without slowing teams down.Read More
-
What is phishing? Understanding enterprise phishing threats
Phishing is a fraudulent practice in which an attacker masquerades as a reputable entity or person to trick users into revealing sensitive information.Read More
-
Over 1,000 SOHO Devices Hacked in China-linked LapDogs Cyber Espionage Campaign [email protected] (The Hacker News)
Threat hunters have discovered a network of more than 1,000 compromised small office and home office (SOHO) devices that have been used to facilitate a prolonged cyber espionage infrastructure campaign for China-nexus hacking groups. The Operational Relay Box (ORB) network has been codenamed LapDogs by SecurityScorecard’s STRIKE team. “The LapDogs network has a high concentration…
-
The CISO evolution: From security gatekeeper to strategic leader
Amid accelerating digital transformation and growing regulatory pressure, leading CISOs have emerged from behind the scenes and taken the stage as influential business leaders.Read More
-
SBOM formats explained: Guide for enterprises
SBOMs inventory software components to help enhance security by tracking vulnerabilities. Teams have three standard SBOM formats to choose from: CycloneDX, SPDX and SWID tags.Read More
-
PUBLOAD and Pubshell Malware Used in Mustang Panda’s Tibet-Specific Attack [email protected] (The Hacker News)
A China-linked threat actor known as Mustang Panda has been attributed to a new cyber espionage campaign directed against the Tibetan community. The spear-phishing attacks leveraged topics related to Tibet, such as the 9th World Parliamentarians’ Convention on Tibet (WPCT), China’s education policy in the Tibet Autonomous Region (TAR), and a recently published book by…
-
What is a virtual CISO (vCISO)? Does your business need one?
The virtual chief information security officer (vCISO) is a C-suite-level security professional or service provider who offers CISO-level expertise on a part-time, remote or contractual basis.Read More
-
Business Case for Agentic AI SOC Analysts [email protected] (The Hacker News)
Security operations centers (SOCs) are under pressure from both sides: threats are growing more complex and frequent, while security budgets are no longer keeping pace. Today’s security leaders are expected to reduce risk and deliver results without relying on larger teams or increased spending. At the same time, SOC inefficiencies are draining resources. Studies show…