A Critical Flaw in Docker Engine Permits Attackers to Circumvent Authorization Plugins
Docker has issued a warning about a critical vulnerability in certain versions of Docker Engine that allows attackers to bypass authorization plugins (AuthZ) under specific...
Mandrake Spyware Resurfaces in Google Play Store Apps After a Two-Year Interval
A new variant of the sophisticated Mandrake spyware has been identified in five apps on the Google Play Store, where it evaded detection for two...
The Benefits and Risks of RMM Tools
As remote work becomes more prevalent, IT departments must manage devices spread across various cities and countries, relying on VPNs and remote monitoring and management...
OneDrive Phishing Scam Deceives Users into Executing Malicious PowerShell Script
Cybersecurity researchers have identified a new phishing campaign targeting Microsoft OneDrive users, aiming to execute a malicious PowerShell script. “This campaign extensively uses social engineering...
Iranian Hackers Unleash New BugSleep Backdoor in Cyber Attacks Across the Middle East
The Iranian nation-state group known as MuddyWater has been identified using a new backdoor in a recent attack campaign, deviating from its usual strategy of...
‘Stargazer Goblin’ Generates 3,000 Fake GitHub Accounts to Distribute Malware
A threat actor known as Stargazer Goblin has established a network of fake GitHub accounts to support a Distribution-as-a-Service (DaaS) operation, spreading various types of...
Offensive AI: The Essential Element of Cybersecurity
“Peace represents the ideal of civilization, while war embodies its failings. However, it is frequently through the trials of war that the most effective tools...
Chinese Hackers Target Taiwan and U.S. Nonprofits Using MgBot and MACMA Malware
Organizations in Taiwan and a U.S.-based non-governmental organization (NGO) in China have come under attack by Daggerfly, a state-sponsored hacking group affiliated with Beijing, which...
North Korean Hackers Transition from Cyber Espionage to Ransomware Attacks
A North Korean-affiliated threat actor renowned for its cyber espionage activities has increasingly shifted towards financially-driven attacks involving ransomware, distinguishing it from other nation-state hacking...
Malicious PyPI Package Aims to Steal Google Cloud Credentials from macOS Users
Cybersecurity researchers have identified a malicious package on the Python Package Index (PyPI) that targets macOS systems with the intent of stealing Google Cloud credentials...