News

Introducing Sophos Advisory Services

Bys s October 1, 2025

See how your networks, systems, and employees stand up to simulated attacks before an adversary strikes.

News

ClickFix Malware Campaign Exploits CAPTCHAs to Spread Cross-Platform Infections
Bys s August 5, 2025

A combination of propagation methods, narrative sophistication, and evasion techniques enabled the social engineering tactic known as ClickFix to take off the way it did over the past year, according to new findings from Guardio Labs. “Like a real-world virus variant, this new ‘ClickFix’ strain quickly outpaced and ultimately wiped out the infamous fake browser…

Read More ClickFix Malware Campaign Exploits CAPTCHAs to Spread Cross-Platform Infections
News

Silver Fox Exploits Microsoft-Signed WatchDog Driver to Deploy ValleyRAT Malware
Bys s September 2, 2025

The threat actor known as Silver Fox has been attributed to abuse of a previously unknown vulnerable driver associated with WatchDog Anti-malware as part of a Bring Your Own Vulnerable Driver (BYOVD) attack aimed at disarming security solutions installed on compromised hosts. The vulnerable driver in question is “amsdk.sys” (version 1.0.600), a 64-bit, validly signed…

Read More Silver Fox Exploits Microsoft-Signed WatchDog Driver to Deploy ValleyRAT Malware
News

Rogue npm Packages Mimic Telegram Bot API to Plant SSH Backdoors on Linux Systems
Bys s April 19, 2025

Cybersecurity researchers have uncovered three malicious packages in the npm registry that masquerade as a popular Telegram bot library but harbor SSH backdoors and data exfiltration capabilities. The packages in question are listed below – node-telegram-utils (132 downloads) node-telegram-bots-api (82 downloads) node-telegram-util (73 downloads) According to supply chain

Read More Rogue npm Packages Mimic Telegram Bot API to Plant SSH Backdoors on Linux Systems
News

Cyberhaven Chrome Extension Hack Linked to Widening Supply Chain Campaign
By December 31, 2024

The recent compromise of Cyberhaven’s Chrome extension appears to be part of a broad campaign that started over a year ago. The post Cyberhaven Chrome Extension Hack Linked to Widening Supply Chain Campaign appeared first on SecurityWeek.

Read More Cyberhaven Chrome Extension Hack Linked to Widening Supply Chain Campaign
News

Microsoft Patches 130 Vulnerabilities, Including Critical Flaws in SPNEGO and SQL Server
Bys s July 9, 2025

For the first time in 2025, Microsoft’s Patch Tuesday updates did not bundle fixes for exploited security vulnerabilities, but acknowledged one of the addressed flaws had been publicly known. The patches resolve a whopping 130 vulnerabilities, along with 10 other non-Microsoft CVEs that affect Visual Studio, AMD, and its Chromium-based Edge browser. Of these 10…

Read More Microsoft Patches 130 Vulnerabilities, Including Critical Flaws in SPNEGO and SQL Server
News

New U.S. Visa Rule Requires Applicants to Set Social Media Account Privacy to Public
Bys s June 24, 2025

The United States Embassy in India has announced that applicants for F, M, and J nonimmigrant visas should make their social media accounts public. The new guideline seeks to help officials verify the identity and eligibility of applicants under U.S. law. The U.S. Embassy said every visa application review is a “national security decision.” “Effective…

Read More New U.S. Visa Rule Requires Applicants to Set Social Media Account Privacy to Public

Similar Posts