News

Locking it down: A new technique to prevent LLM jailbreaks

Bys s October 24, 2025

Following on from our preview, here’s the full rundown on LLM salting: a novel countermeasure against LLM jailbreaks, developed by AI researchers at Sophos X-Ops

News

Misconfigurations Are Not Vulnerabilities: The Costly Confusion Behind Security Risks
Bys s August 5, 2025

In SaaS security conversations, “misconfiguration” and “vulnerability” are often used interchangeably. But they’re not the same thing. And misunderstanding that distinction can quietly create real exposure. This confusion isn’t just semantics. It reflects a deeper misunderstanding of the shared responsibility model, particularly in SaaS environments where the line between vendor and customer

Read More Misconfigurations Are Not Vulnerabilities: The Costly Confusion Behind Security Risks
News

Hackers Exploit Apache HTTP Server Flaw to Deploy Linuxsys Cryptocurrency Miner
Bys s July 17, 2025

Cybersecurity researchers have discovered a new campaign that exploits a known security flaw impacting Apache HTTP Server to deliver a cryptocurrency miner called Linuxsys. The vulnerability in question is CVE-2021-41773 (CVSS score: 7.5), a high-severity path traversal vulnerability in Apache HTTP Server version 2.4.49 that could result in remote code execution. “The attacker leverages

Read More Hackers Exploit Apache HTTP Server Flaw to Deploy Linuxsys Cryptocurrency Miner
News

Researchers Uncover WatchGuard VPN Bug That Could Let Attackers Take Over Devices
Bys s October 17, 2025

Cybersecurity researchers have disclosed details of a recently patched critical security flaw in WatchGuard Fireware that could allow unauthenticated attackers to execute arbitrary code. The vulnerability, tracked as CVE-2025-9242 (CVSS score: 9.3), is described as an out-of-bounds write vulnerability affecting Fireware OS 11.10.2 up to and including 11.12.4_Update1, 12.0 up to and including

Read More Researchers Uncover WatchGuard VPN Bug That Could Let Attackers Take Over Devices
News

SpyNote, BadBazaar, MOONSHINE Malware Target Android and iOS Users via Fake Apps
Bys s April 11, 2025

Cybersecurity researchers have found that threat actors are setting up deceptive websites hosted on newly registered domains to deliver a known Android malware called SpyNote. These bogus websites masquerade as Google Play Store install pages for apps like the Chrome web browser, indicating an attempt to deceive unsuspecting users into installing the malware instead. “The…

Read More SpyNote, BadBazaar, MOONSHINE Malware Target Android and iOS Users via Fake Apps
News

Hackers Turn Velociraptor DFIR Tool Into Weapon in LockBit Ransomware Attacks
Bys s October 11, 2025

Threat actors are abusing Velociraptor, an open-source digital forensics and incident response (DFIR) tool, in connection with ransomware attacks likely orchestrated by Storm-2603 (aka CL-CRI-1040 or Gold Salem), which is known for deploying the Warlock and LockBit ransomware. The threat actor’s use of the security utility was documented by Sophos last month. It’s assessed that…

Read More Hackers Turn Velociraptor DFIR Tool Into Weapon in LockBit Ransomware Attacks
News

Kosovo National Pleads Guilty To Operating An Online Criminal Marketplace
Bys s September 9, 2025

There’s an update on a previously reported case: Tampa, Florida – United States Attorney Gregory W. Kehoe announces that Liridon Masurica (33, Gjilan, Kosovo), also known as “@blackdb,” has pleaded guilty to conspiracy to commit access device fraud. Masurica faces a maximum penalty of 10 years in federal prison. A sentencing date has not yet been……

Read More Kosovo National Pleads Guilty To Operating An Online Criminal Marketplace

Similar Posts