Weekly Recap: Critical SAP Exploit, AI-Powered Phishing, Major Breaches, New CVEs & More
How Breaches Start: Breaking Down 5 Real Vulns
Earth Kurma Targets Southeast Asia With Rootkits and Cloud-Based Data Theft Tools
WooCommerce Users Targeted by Fake Patch Phishing Campaign Deploying Site Backdoors
Hackers Exploit Critical Craft CMS Flaws; Hundreds of Servers Likely Compromised
Storm-1977 Hits Education Clouds with AzureChecker, Deploys 200+ Crypto Mining Containers
ToyMaker Uses LAGTOY to Sell Access to CACTUS Ransomware Gangs for Double Extortion
North Korean Hackers Spread Malware via Fake Crypto Firms and Job Interview Lures
SAP Confirms Critical NetWeaver Flaw Amid Suspected Zero-Day Exploitation by Hackers
Why NHIs Are Security's Most Dangerous Blind Spot
Researchers Identify Rack::Static Vulnerability Enabling Data Breaches in Ruby Servers
DslogdRAT Malware Deployed via Ivanti ICS Zero-Day CVE-2025-0282 in Japan Attacks
Lazarus Hits 6 South Korean Firms via Cross EX, Innorix Zero-Day and ThreatNeedle Malware
Linux io_uring PoC Rootkit Bypasses System Call-Based Threat Detection Tools
159 CVEs Exploited in Q1 2025 ' 28.3% Within 24 Hours of Disclosure
Darcula Adds GenAI to Phishing Toolkit, Lowering the Barrier for Cybercriminals
Critical Commvault Command Center Flaw Enables Attackers to Execute Code Remotely
WhatsApp Adds Advanced Chat Privacy to Blocks Chat Exports and Auto-Downloads
DPRK Hackers Steal $137M from TRON Users in Single-Day Phishing Attack
Iran-Linked Hackers Target Israel with MURKYTOUR Malware via Fake Job Campaign
Android Spyware Disguised as Alpine Quest App Targets Russian Military Devices
Three Reasons Why the Browser is Best for Stopping Phishing Attacks
Russian Hackers Exploit Microsoft OAuth to Target Ukraine Allies via Signal and WhatsApp
Ripple's xrpl.js npm Package Backdoored to Steal Private Keys in Major Supply Chain Attack
Google Drops Cookie Prompt in Chrome, Adds IP Protection to Incognito
Docker Malware Exploits Teneo Web3 Node to Earn Crypto via Fake Heartbeat Signals
GCP Cloud Composer Bug Let Attackers Elevate Access via Malicious PyPI Packages
5 Major Concerns With Employees Using The Browser
Phishers Exploit Google Sites and DKIM Replay to Send Signed Emails, Steal Credentials
Microsoft Secures MSA Signing with Azure Confidential VMs Following Storm-0558 Breach
Lotus Panda Hacks SE Asian Governments With Browser Stealers and Sideloaded Malware
Kimsuky Exploits BlueKeep RDP Vulnerability to Breach Systems in South Korea and Japan
SuperCard X Android Malware Enables Contactless ATM and PoS Fraud via NFC Relay Attacks
5 Reasons Device Management Isn't Device Trust
THN Weekly Recap: iOS Zero-Days, 4Chan Breach, NTLM Exploits, WhatsApp Spyware & More
Hackers Abuse Russian Bulletproof Host Proton66 for Global Attacks and Malware Delivery
APT29 Deploys GRAPELOADER Malware Targeting European Diplomats Through Wine-Tasting Lures
Rogue npm Packages Mimic Telegram Bot API to Plant SSH Backdoors on Linux Systems
ASUS Confirms Critical Flaw in AiCloud Routers; Users Urged to Update Firmware
Chinese Smishing Kit Powers Widespread Toll Fraud Campaign Targeting U.S. Users in 8 States
Multi-Stage Malware Attack Uses .JSE and PowerShell to Deploy Agent Tesla and XLoader
[Webinar] AI Is Already Inside Your SaaS Stack ' Learn How to Prevent the Next Silent Breach
Experts Uncover New XorDDoS Controller, Infrastructure as Malware Expands to Docker, Linux, IoT
CVE-2025-24054 Under Active Attack'Steals NTLM Credentials on File Download
Mustang Panda Targets Myanmar With StarProxy, EDR Bypass, and TONESHELL Updates
State-Sponsored Hackers Weaponize ClickFix Tactic in Targeted Malware Campaigns
Artificial Intelligence ' What's all the fuss
Blockchain Offers Security Benefits ' But Don't Neglect Your Passwords
Critical Erlang/OTP SSH Vulnerability (CVSS 10.0) Allows Unauthenticated Code Execution
Node.js Malware Campaign Targets Crypto Users with Fake Binance and TradingView Installers
CISA Flags Actively Exploited Vulnerability in SonicWall SMA Devices
Apple Patches Two Actively Exploited iOS Flaws Used in Sophisticated Targeted Attacks
Experts Uncover Four New Privilege Escalation Flaws in Windows Task Scheduler
Google Blocked 5.1B Harmful Ads and Suspended 39.2M Advertiser Accounts in 2024
Gamma AI Platform Abused in Phishing Chain to Spoof Microsoft SharePoint Logins
From Third-Party Vendors to U.S. Tariffs: The New Cyber Risks Facing Supply Chains
New BPFDoor Controller Enables Stealthy Lateral Movement in Linux Server Attacks
Product Walkthrough: A Look Inside Wing Security's Layered SaaS Identity Defense
Chinese Android Phones Shipped with Fake WhatsApp, Telegram Apps Targeting Crypto Users
U.S. Govt. Funding for MITRE's CVE Ends April 16, Cybersecurity Community on Alert
Chinese Hackers Target Linux Systems Using SNOWLIGHT Malware and VShell Tool
Critical Apache Roller Vulnerability (CVSS 10.0) Enables Unauthorized Session Persistence
Malicious PyPI Package Targets MEXC Trading API to Steal Credentials and Redirect Orders
Majority of Browser Extensions Can Access Sensitive Enterprise Data, New Report Finds
Crypto Developers Targeted by Python Malware Disguised as Coding Challenges
Gladinet's Triofox and CentreStack Under Active Exploitation via Critical RCE Vulnerability
Meta Resumes E.U. AI Training Using Public User Data After Regulator Approval
ResolverRAT Campaign Targets Healthcare, Pharma via Phishing and DLL Side-Loading
Phishing Campaigns Use Real-Time Checks to Validate Victim Emails Before Credential Theft
Weekly Recap: Windows 0-Day, VPN Exploits, Weaponized AI, Hijacked Antivirus and More
Cybersecurity in the AI Era: Evolve Faster Than the Threats or Get Left Behind
Pakistan-Linked Hackers Expand Targets in India with CurlBack RAT and Spark RAT
Fortinet Warns Attackers Retain FortiGate Access Post-Patching via SSL-VPN Symlink Exploit
Paper Werewolf Deploys PowerModul Implant in Targeted Cyberattacks on Russian Sectors
Initial Access Brokers Shift Tactics, Selling More for Less
Palo Alto Networks Warns of Brute-Force Attempts Targeting PAN-OS GlobalProtect Gateways
SpyNote, BadBazaar, MOONSHINE Malware Target Android and iOS Users via Fake Apps
OttoKit WordPress Plugin Admin Creation Vulnerability Under Active Exploitation
Incomplete Patch in NVIDIA Toolkit Leaves CVE-2024-0132 Open to Container Escapes
A POPES FUNERAL AND NEW LEADERSHIP PARADIGM - Thisday
An angel of disobedience - The Nation
Bagos security absurdities - The Nation
Be careful: Humility can mess you up - The Sun
Data is the new oil, whos running the refinery - Guardian
Democracy in disarray - Guardian
Governor Alia must save himself from himself - The Sun
Health benefits of socialising (1) - Punch
Healthcare in rural Africa: A crisis demanding collective action - Guardian
Insecurity and partisan politics - The Nation
Is it time for a black pope' Reflections on Pope Francis - Guardian
Jesus love for the poor, war on poverty - The Sun
Nigerian education: A roadmap to better learning - Guardian
Presidentialmonologue Part 60 - Guardian
Saluting Lt. Col. Onyechi Anele, Nigerias first female Army spokesperson - Guardian
To ensure fuel price stability post-subsidy removal - Guardian