News

Finding Minhook in a sideloading attack – and Sweden too

Bys s April 29, 2025

Multifaceted changes in TTPs illustrate what researchers see when they start digging

News

Google and Apple roll out emergency security updates after zero-day attacks
Bys s December 12, 2025

Lorenzo Franceschi-Bicchierai reports: Apple and Google have released several software updates to protect against a hacking campaign targeting an unknown number of their users. On Wednesday, Google released patches for a handful of security bugs in its Chrome browser, noting that one of the bugs was being actively exploited by hackers before the company had time to……

Read More Google and Apple roll out emergency security updates after zero-day attacks
News

Compromised IAM Credentials Power a Large AWS Crypto Mining Campaign
Bys s December 16, 2025

An ongoing campaign has been observed targeting Amazon Web Services (AWS) customers using compromised Identity and Access Management (IAM) credentials to enable cryptocurrency mining. The activity, first detected by Amazon’s GuardDuty managed threat detection service and its automated security monitoring systems on November 2, 2025, employs never-before-seen persistence techniques to hamper

Read More Compromised IAM Credentials Power a Large AWS Crypto Mining Campaign
News

PlushDaemon APT Targets South Korean VPN Provider in Supply Chain Attack
Bys s January 22, 2025

A previously undocumented China-aligned advanced persistent threat (APT) group named PlushDaemon has been linked to a supply chain attack targeting a South Korean virtual private network (VPN) provider in 2023, according to new findings from ESET. “The attackers replaced the legitimate installer with one that also deployed the group’s signature implant that we have named…

Read More PlushDaemon APT Targets South Korean VPN Provider in Supply Chain Attack
News

Oracle Health breach compromises patient data at US hospitals
Bys s March 28, 2025

Oracle Health is becoming this year’s poster child for how NOT to respond to an incident. Lawrence Abrams reports: A breach at Oracle Health impacts multiple US healthcare organizations and hospitals after a threat actor stole patient data from legacy servers. Oracle Health has not yet publicly disclosed the incident, but in private communications sent to…

Read More Oracle Health breach compromises patient data at US hospitals
News

Lovable AI Found Most Vulnerable to VibeScamming — Enabling Anyone to Build Live Scam Pages
Bys s April 9, 2025

Lovable, a generative artificial intelligence (AI) powered platform that allows for creating full-stack web applications using text-based prompts, has been found to be the most susceptible to jailbreak attacks, allowing novice and aspiring cybercrooks to set up lookalike credential harvesting pages. “As a purpose-built tool for creating and deploying web apps, its capabilities line up…

Read More Lovable AI Found Most Vulnerable to VibeScamming — Enabling Anyone to Build Live Scam Pages
News

Build a prevention-first defense: The Sophos Cybersecurity Toolkit
Bys s October 30, 2025

Explore the Cybersecurity toolkit and start building your prevention-first strategy today.

Read More Build a prevention-first defense: The Sophos Cybersecurity Toolkit

Similar Posts