Finding Minhook in a sideloading attack – and Sweden too
Multifaceted changes in TTPs illustrate what researchers see when they start digging
Similar Posts
HackGATE: Setting New Standards for Visibility and Control in Penetration Testing Projects
Bys s
Imagine receiving a penetration test report that leaves you with more questions than answers. Questions like, “Were all functionalities of the web app tested?” or ” Were there any security issues that could have been identified during testing?” often go unresolved, raising concerns about the thoroughness of the security testing. This frustration is common among…
Commvault CVE-2025-34028 Added to CISA KEV After Active Exploitation Confirmed
Bys s
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a maximum-severity security flaw impacting Commvault Command Center to its Known Exploited Vulnerabilities (KEV) catalog, a little over a week after it was publicly disclosed. The vulnerability in question is CVE-2025-34028 (CVSS score: 10.0), a path traversal bug that affects 11.38 Innovation Release, from versions
Seven Malicious Go Packages Found Deploying Malware on Linux and macOS Systems
Bys s
Cybersecurity researchers are alerting of an ongoing malicious campaign targeting the Go ecosystem with typosquatted modules that are designed to deploy loader malware on Linux and Apple macOS systems. “The threat actor has published at least seven packages impersonating widely used Go libraries, including one (github[.]com/shallowmulti/hypert) that appears to target financial-sector developers
Vercel’s v0 AI Tool Weaponized by Cybercriminals to Rapidly Create Fake Login Pages at Scale
Bys s
Unknown threat actors have been observed weaponizing v0, a generative artificial intelligence (AI) tool from Vercel, to design fake sign-in pages that impersonate their legitimate counterparts. “This observation signals a new evolution in the weaponization of Generative AI by threat actors who have demonstrated an ability to generate a functional phishing site from simple text…
The strange tale of ischhfd83: When cybercriminals eat their own
Bys s
A simple customer query leads to a rabbit hole of backdoored malware and game cheats
Sentara Health terminates remote employees after realizing they couldn’t be sure who was doing the work.
Bys s
Hiring employees who work remotely can pose additional challenges for security and compliance with regulations. In March, Sentara Health disclosed an incident concern that resulted in the notification of 1,620 patients. They described the concern this way: In December, the Sentara Health’s Lab Services department hired an individual to process lab requisitions. Lab requisitions are…