News

React2Shell flaw (CVE-2025-55182) exploited for remote code execution

Bys s January 14, 2026

The availability of exploit code will likely lead to more widespread opportunistic attacks

Tags: Threat Research, Featured, vulnerability, react2shell

News

Open-Source CyberStrikeAI Deployed in AI-Driven FortiGate Attacks Across 55 Countries
Bys s March 3, 2026

The threat actor behind the recently disclosed artificial intelligence (AI)-assisted campaign targeting Fortinet FortiGate appliances leveraged an open-source, AI-native security testing platform called CyberStrikeAI to execute the attacks. The new findings come from Team Cymru, which detected its use following an analysis of the IP address (“212.11.64[.]250”) that was used by the suspected

Read More Open-Source CyberStrikeAI Deployed in AI-Driven FortiGate Attacks Across 55 Countries
News

The U.K. is considering prohibiting ransom payments. It’s a difficult issue.
Bys s January 20, 2025

How many times have the FBI and CISA urged entities NOT to pay ransom because it just encourages the attackers to attack more, while others suggest that a total ban would make things a lot worse? On January 14, the U.K. government opened a consultation, Ransomware legislative proposals: reducing payments to cyber criminals and increasing…

Read More The U.K. is considering prohibiting ransom payments. It’s a difficult issue.
News

Iran-Linked DCHSpy Android Malware Masquerades as VPN Apps to Spy on Dissidents
Bys s July 21, 2025

Cybersecurity researchers have unearthed new Android spyware artifacts that are likely affiliated with the Iranian Ministry of Intelligence and Security (MOIS) and have been distributed to targets by masquerading as VPN apps and Starlink, a satellite internet connection service offered by SpaceX. Mobile security vendor Lookout said it discovered four samples of a surveillanceware tool…

Read More Iran-Linked DCHSpy Android Malware Masquerades as VPN Apps to Spy on Dissidents
News

AI-Powered Villager Pen Testing Tool Hits 11,000 PyPI Downloads Amid Abuse Concerns
Bys s September 15, 2025

A new artificial intelligence (AI)-powered penetration testing tool linked to a China-based company has attracted nearly 11,000 downloads on the Python Package Index (PyPI) repository, raising concerns that it could be repurposed by cybercriminals for malicious purposes. Dubbed Villager, the framework is assessed to be the work of Cyberspike, which has positioned the tools as…

Read More AI-Powered Villager Pen Testing Tool Hits 11,000 PyPI Downloads Amid Abuse Concerns
News

Malvertising Scam Uses Fake Google Ads to Hijack Microsoft Advertising Accounts
Bys s January 31, 2025

Cybersecurity researchers have discovered a malvertising campaign that’s targeting Microsoft advertisers with bogus Google ads that aim to take them to phishing pages that are capable of harvesting their credentials. “These malicious ads, appearing on Google Search, are designed to steal the login information of users trying to access Microsoft’s advertising platform,” Jérôme Segura, senior

Read More Malvertising Scam Uses Fake Google Ads to Hijack Microsoft Advertising Accounts
News

How to Integrate AI into Modern SOC Workflows
Bys s December 30, 2025

Artificial intelligence (AI) is making its way into security operations quickly, but many practitioners are still struggling to turn early experimentation into consistent operational value. This is because SOCs are adopting AI without an intentional approach to operational integration. Some teams treat it as a shortcut for broken processes. Others attempt to apply machine learning…

Read More How to Integrate AI into Modern SOC Workflows

Similar Posts