Threat Actors Deploy Tiflux RMM for Persistent Remote Access
Threat actors are abusing legitimate RMM tools as a means of creating persistence inside victims’ systems, using the Tiflux RMM tool. Tiflux is a reputable B...
20 articles
Threat actors are abusing legitimate RMM tools as a means of creating persistence inside victims’ systems, using the Tiflux RMM tool. Tiflux is a reputable B...
The Mini Shai-Hulud campaign used malicious npm packages to target cloud and CI/CD credentials across developer environments. This report details the attack ...
AWS Network Firewall now supports native attachment to AWS Transit Gateway. Customers commonly use Transit Gateway to route traffic from Amazon Virtual Priva...
Last week, there were disclosed in and that have been added to the Wordfence Intelligence Vulnerability Database, and there were that contributed to WordPres...
The funding round was led by Balderton Capital, with additional support from Crosspoint Capital and previous investors General Catalyst and Ten Eleven Ventur...
A critical FortiClient Endpoint Management Server (EMS) vulnerability patched in April has been exploited in fresh attacks to deploy information-stealing mal...
The company said the threat actor gained access to a limited portion of its IT environment last month after compromising an employee account. By the end of A...
Microsoft has come out strongly in favor of Coordinated Vulnerability Disclosure (CVD), urging the research community to share their findings and give affect...
A five-stage exploit chain disclosed by Token Security researchers turned a free Zapier account into write access on Zapier’s public developer SDK packages a...
This week on Experts on Experts, I’m joined by Sergio Alonso – Rapid7’s Director of Trust, Risk, and Compliance – to talk about how compliance is changing an...
State of AI Usage Report 2026 (full report here) by LayerX Security reveals the extent of the enterprise AI visibility gap and why most organizations still d...
An overview of the activities of selected APT groups investigated and analyzed by ESET Research in Q4 2025 and Q1 2026
The Silent Ransom Group (SRG) is running a new wave of hands‑on social engineering attacks against law firms, posing as internal IT support to steal sensitiv...
70% of organizations use GenAI in live environments, and 64% have AI agents in pilot or production deployments. Some of those agents have privileged access t...
SRG actors initiate attacks by posing as IT support staff, contacting victims via phone calls or phishing emails to solicit a remote desktop session.
An anonymous source alerted TechCrunch to a security lapse on the UK Visa Portal website, stating that at least 100,000 documents, including passports and se...
The 2025 Internet Crime Report was published a few weeks ago, but I only just saw it. Press release.
Iran’s “hacktivist” group Ababil of Minab, which hit LA Metro and wiped terabytes of data, is forensically linked to Iran’s intelligence service MOIS.
The hacking group claimed to be a standalone hacktivist crew but actually has ties to the Ministry of Intelligence of the Islamic Republic of Iran (MOIS), re...
Career-themed phishing lures targeted employees of US domestic airlines during Operation Epic Fury.