News

Sophos India Volunteers Bring Color to Local Schools

Bys s April 16, 2025

Sophos India volunteers transformed two rural schools with vibrant murals, enhancing learning spaces and strengthening community ties.

News

Five Malicious Rust Crates and AI Bot Exploit CI/CD Pipelines to Steal Developer Secrets
Bys s March 11, 2026

Cybersecurity researchers have discovered five malicious Rust crates that masquerade as time-related utilities to transmit .env file data to the threat actors. The Rust packages, published to crates.io, are listed below – chrono_anchor dnp3times time_calibrator time_calibrators time-sync The crates, per Socket, impersonate timeapi.io and were published between late February and early March

Read More Five Malicious Rust Crates and AI Bot Exploit CI/CD Pipelines to Steal Developer Secrets
News

North Carolina tech worker found guilty of insider attack netting $2.5M ransom
Bys s March 19, 2026

Matt Kapko reports: A 27-year-old North Carolina man was found guilty of six counts of extortion for a series of crimes he committed while working as a data analyst contractor for a D.C.-based international technology company, the Justice Department said Thursday. Cameron Nicholas Curry, also known as “Loot,” stole a trove of corporate data, including sensitive……

Read More North Carolina tech worker found guilty of insider attack netting $2.5M ransom
News

Mysterious Database of 184 Million Records Exposes Vast Array of Login Credentials
Bys s May 23, 2025

Matt Burgess and Lily Hay Newman report: The possibility that data could be inadvertently exposed in a misconfigured or otherwise unsecured database is a longtime privacy nightmare that has been difficult to fully address. But the new discovery of a massive trove of 184 million records—including Apple, Facebook, and Google logins and credentials for accounts connected to multiple governments—underscores the risks…

Read More Mysterious Database of 184 Million Records Exposes Vast Array of Login Credentials
News

From point-in-time audits to continuous confidence: How Sophos IT transformed identity defense
Bys s November 18, 2025

“From logging in and connecting to Entra ID to seeing our first actionable findings — it took less than 45 minutes.”

Read More From point-in-time audits to continuous confidence: How Sophos IT transformed identity defense
News

.NET SOAPwn Flaw Opens Door for File Writes and Remote Code Execution via Rogue WSDL
Bys s December 10, 2025

New research has uncovered exploitation primitives in the .NET Framework that could be leveraged against enterprise-grade applications to achieve remote code execution. WatchTowr Labs, which has codenamed the “invalid cast vulnerability” SOAPwn, said the issue impacts Barracuda Service Center RMM, Ivanti Endpoint Manager (EPM), and Umbraco 8. But the number of affected vendors is likely…

Read More .NET SOAPwn Flaw Opens Door for File Writes and Remote Code Execution via Rogue WSDL
News

PyPI Packages Deliver ZiChatBot Malware via Zulip APIs on Windows and Linux
Bys s May 7, 2026

Cybersecurity researchers have discovered three packages on the Python Package Index (PyPI) repository that are designed to stealthily deliver a previously unknown malware family called ZiChatBot on Windows and Linux systems. “While these wheel packages do implement the features described on their PyPI web pages, their true purpose is to covertly deliver malicious files,” Kaspersky

Read More PyPI Packages Deliver ZiChatBot Malware via Zulip APIs on Windows and Linux

Similar Posts