Cybersecurity

Researchers Identify Rack::Static Vulnerability Enabling Data Breaches in Ruby Servers

Apr 25, 2025Ravie LakshmananVulnerability / Data Breach Cybersecurity researchers have disclosed three security flaws in the Rack Ruby web server interface that, if successfully exploited,...

Cybersecurity

Why NHIs Are Security’s Most Dangerous Blind Spot

When we talk about identity in cybersecurity, most people think of usernames, passwords, and the occasional MFA prompt. But lurking beneath the surface is...

Cybersecurity

New Critical SAP NetWeaver Flaw Exploited to Drop Web Shell, Brute Ratel Framework

Threat actors are likely exploiting a new vulnerability in SAP NetWeaver to upload JSP web shells with the goal of facilitating unauthorized file uploads...

Cybersecurity

North Korean Hackers Spread Malware via Fake Crypto Firms and Job Interview Lures

North Korea-linked threat actors behind the Contagious Interview have set up front companies as a way to distribute malware during the fake hiring process. "In...

Cybersecurity

ToyMaker Uses LAGTOY to Sell Access to CACTUS Ransomware Gangs for Double Extortion

Apr 26, 2025Ravie LakshmananMalware / Vulnerability Cybersecurity researchers have detailed the activities of an initial access broker (IAB) dubbed ToyMaker that has been observed handing...

Cybersecurity

Storm-1977 Hits Education Clouds with AzureChecker, Deploys 200+ Crypto Mining Containers

Apr 27, 2025Ravie LakshmananKubernetes / Cloud Security Microsoft has revealed that a threat actor it tracks as Storm-1977 has conducted password spraying attacks against cloud...

Cybersecurity

Hackers Exploit Critical Craft CMS Flaws; Hundreds of Servers Likely Compromised

Apr 28, 2025Ravie LakshmananWeb Application Security / Vulnerability Threat actors have been observed exploiting two newly disclosed critical security flaws in Craft CMS in zero-day...

Cybersecurity

WooCommerce Users Targeted by Fake Patch Phishing Campaign Deploying Site Backdoors

Apr 28, 2025Ravie LakshmananWebsite Security / Malware Cybersecurity researchers are warning about a large-scale phishing campaign targeting WooCommerce users with a fake security alert urging...

Cybersecurity

Researchers Identify Rack::Static Vulnerability Enabling Data Breaches in Ruby Servers

Why NHIs Are Security’s Most Dangerous Blind Spot

New Critical SAP NetWeaver Flaw Exploited to Drop Web Shell, Brute Ratel Framework

North Korean Hackers Spread Malware via Fake Crypto Firms and Job Interview Lures

ToyMaker Uses LAGTOY to Sell Access to CACTUS Ransomware Gangs for Double Extortion

Storm-1977 Hits Education Clouds with AzureChecker, Deploys 200+ Crypto Mining Containers

Hackers Exploit Critical Craft CMS Flaws; Hundreds of Servers Likely Compromised

WooCommerce Users Targeted by Fake Patch Phishing Campaign Deploying Site Backdoors

Black Myth: Wukong’s Successful Launch Overshadowed by...

NHS Announces £2.5bn Framework for Digital Workplace...

Panalgo Collaborates with COTA to Advance AI...

Bitcoin Nears $104K: How US-China Trade Talks...

NVIDIA R²D²: AI-Driven Robot Mobility & Control...

Mekong Testnet Launch: Key Changes in Ethereum’s...

NVIDIA cuPyNumeric 25.03: Open-Source Multi-GPU NumPy for...

London leverages data-driven approach to combat fare...

Rapidly evolving orphan immunity genes protect human...