Poland shifts away from Signal following cyberattacks on officials’ accounts
Poland told officials to stop using the popular instant messaging app Signal after cyberattacks targeted government accounts. Poland has instructed governmen...
Defense
20 articles
Malaysian government-linked campaign used hidden infrastructure for years
The operation, believed to be a long-term espionage effort, has maintained its command and control infrastructure for several years by employing sophisticate...
Government Backed Hackers Abuse Cloudflare in Malaysian Espionage Campaign
A campaign linked to a suspected Malaysian government operation has been using hidden command and control infrastructure for…
Gamaredon Deploys GammaDrop, GammaLoad in Phishing Campaigns
Gamaredon Uses GammaDrop and GammaLoad Downloaders in Multi-Stage Phishing Attacks. A sustained cyber-espionage campaign linked to the Gamaredon threat group...
IBM executive floated for CISA director as concerns persist for agency
Cybersecurity leaders warn weakened CISA could hurt AI-era defense and threat response.
Hackers Abuse Cloudflare Storage to Exfiltrate Network Files
A sophisticated cyber espionage campaign targeting multiple Malaysian organizations has been uncovered, revealing a highly structured attack chain that blend...
Fast16 Malware Sabotages Nuclear Test Simulations by Altering Data
A newly analyzed cyber-espionage framework called Fast16 has revealed one of the most precise and covert sabotage operations ever uncovered targeting nuclear...
The AI backdoor your security stack is not built to see
Enterprises deploying LLMs have spent the past two years building defenses around a reasonable assumption: malicious behavior leaves a trace in the input. Sc...
Researchers Build First Public Apple M5 macOS Kernel Exploit with Mythos Preview
Security researchers have unveiled the first publicly known macOS kernel memory corruption exploit targeting Apple’s latest M5 silicon, marking a significant...
Former CISA nominee Sean Plankey named US CEO of defense startup
UFORCE, a London-based company founded by Ukrainians, is looking to make drones in America. The post Former CISA nominee Sean Plankey named US CEO of defense...
Welcome to BlackFile: Inside a Vishing Extortion Operation
Written by: Austin Larsen, Tyler McLellan, Genevieve Stark, Dan Ebreo Introduction Google Threat Intelligence Group (GTIG) has continued to track an expansiv...
Microsoft Exposes Kazuar Malware’s Modular P2P Botnet Architecture
Microsoft has revealed new technical insights into Kazuar, a long-running malware linked to the Russian state-backed group Secret Blizzard, highlighting its ...
Hackers Exploit Scheduled Tasks for Persistence in FrostyNeighbor Attacks
Hackers linked to the long-running FrostyNeighbor cyber‑espionage group have intensified attacks against Ukrainian government organizations, deploying update...
Pentagon cyber official calls advanced AI ‘revolutionary warfare’
Paul Lyons, principal deputy assistant secretary for cyber policy, also discussed the importance of cyber offense. The post Pentagon cyber official calls adv...
Meet Fragnesia, the third Linux kernel vulnerability in a month
Linux admins reeling from handling last month’s CopyFail and last week’s Dirty Frag kernel vulnerabilities have a new headache to deal with: Fragnesia. “This...
Defense in depth for autonomous AI agents
As AI agents gain autonomy, defense in depth must evolve, with application-layer design, identity, and human oversight at the center. The post Defense in dep...
Mustang Panda Linked to Updated FDMTP Backdoor in Asia-Pacific Espionage Campaign
Mustang Panda campaign deploys updated FDMTP backdoor against Asia-Pacific and Japan networks
Kazuar: Anatomy of a nation-state botnet
Kazuar, a sophisticated malware family attributed to the Russian state actor Secret Blizzard, has been under constant development for years and continues to ...
Ghostwriter Targets Ukrainian Government With Geofenced PDF Phishing, Cobalt Strike
The Belarus-aligned threat group known as Ghostwriter has been attributed to a fresh set of attacks targeting governmental organizations in Ukraine. Active s...
FlowerStorm phishing gang adopts virtual-machine obfuscation to evade email defenses
A widely active phishing-as-a-service (PhaaS) operation known as FlowerStorm has begun using a browser-based virtual machine to conceal credential theft code...