Guides, playbooks, and learning resources to level up your cybersecurity knowledge and keep your organization secure.
New RFP guide helps CISOs evaluate AI governance tools, focusing on interaction-level security and vendor accountability.
The emerging actor, part of the APT41 nexus, gains initial access via phishing, and uses legitimate network services to obscure cyber espionage activities.
And another XWorm[1] wave in the wild! This malware family is not new and heavily spread but delivery techniques always evolve and deserve to be described to show you how threat actors can be imaginative! This time, we are facing another piece of multi-technology malware.
Malicious Packagist Laravel packages install a cross-platform RAT enabling remote shell access and system reconnaissance via C2 server.
Researchers link Silver Dragon APT to APT41 after attacks on government entities using Cobalt Strike, DNS tunneling, and Google Drive-based C2.
CISA adds VMware Aria Operations command injection flaw CVE-2026-22719 to KEV after reports of active exploitation; patches released by Broadcom.
No description available.
India-nexus cyber threat actors are growing more active and sophisticated, using custom tools coded in Rust and cloud-based command and control.
Like many other features and systems in modern cars, tire pressure sensors leak sensitive data that can be abused by threat actors.
The exploitation activity against CVE-2026-21385, a high-severity memory corruption flaw, could be tied to commercial spyware or nation-state threat groups.
Lessons from history highlight why AI-enabled browsers require controlled enablement.
Fake IT support calls delivered Havoc C2, enabling credential theft, lateral movement, and ransomware prep across five organizations.
