Securing your network for the holidays
Tips to better protect your network over extended breaks.
Similar Posts
APT28 Targets Ukrainian UKR-net Users in Long-Running Credential Phishing Campaign
Bys sThe Russian state-sponsored threat actor known as APT28 has been attributed to what has been described as a “sustained” credential-harvesting campaign targeting users of UKR[.]net, a webmail and news service popular in Ukraine. The activity, observed by Recorded Future’s Insikt Group between June 2024 and April 2025, builds upon prior findings from the cybersecurity company…
Malicious PyPI Package Posing as Solana Tool Stole Source Code in 761 Downloads
Bys sCybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) repository that purports to be an application related to the Solana blockchain, but contains malicious functionality to steal source code and developer secrets. The package, named solana-token, is no longer available for download from PyPI, but not before it was downloaded 761…
[Webinar] Shadow AI Agents Multiply Fast — Learn How to Detect and Control Them
Bys s⚠️ One click is all it takes. An engineer spins up an “experimental” AI Agent to test a workflow. A business unit connects to automate reporting. A cloud platform quietly enables a new agent behind the scenes. Individually, they look harmless. But together, they form an invisible swarm of Shadow AI Agents—operating outside security’s line…
Hackers Claim Data Breach at Bulgaria’s Supreme Administrative Court
Bys sNovinite reports: The Ransomhouse hacker group has claimed responsibility for stealing data from the Supreme Administrative Court’s information systems. The group published documents, including lists of employee names, personal data, and leave applications, as evidence of the breach, according to cybersecurity website Questona. Along with the leaked documents, the hackers addressed the court’s management with a message urging them to make contact….
RubyGems, PyPI Hit by Malicious Packages Stealing Credentials, Crypto, Forcing Security Changes
Bys sA fresh set of 60 malicious packages has been uncovered targeting the RubyGems ecosystem by posing as seemingly innocuous automation tools for social media, blogging, or messaging services to steal credentials from unsuspecting users. The activity is assessed to be active since at least March 2023, according to the software supply chain security company Socket….
X Warns Users With Security Keys to Re-Enroll Before November 10 to Avoid Lockouts
Bys sSocial media platform X is urging users who have enrolled for two-factor authentication (2FA) using passkeys and hardware security keys like Yubikeys to re-enroll their key to ensure continued access to the service. To that end, users are being asked to complete the re-enrollment, either using their existing security key or enrolling a new one,…