Skip to content
Security News, Assessments & Alerts Page 78

Security News, Assessments & Alerts

Security Issues, Vulnerabilities, Exploits & Government Alerts

CISA Releases Dynamic New Guide for Stadium and Arena Owners to Fortify Operations, Mitigate Vulnerabilities and Elevate Emergency Preparedness

CISA Releases Dynamic New Guide for Stadium and Arena Owners to Fortify Operations, Mitigate Vulnerabilities and Elevate Emergency Preparedness

WASHINGTON – Today, the Cybersecurity and Infrastructure Security Agency (CISA) released the Venue Guide for Mitigating Dependency Disruptions, a new resource designed to strengthen the resilience of public gathering venues. This guide provides stadium and arena… 

Read More »CISA Releases Dynamic New Guide for Stadium and Arena Owners to Fortify Operations, Mitigate Vulnerabilities and Elevate Emergency Preparedness
China-Linked Ink Dragon Hacks Governments Using ShadowPad and FINALDRAFT Malware

China-Linked Ink Dragon Hacks Governments Using ShadowPad and FINALDRAFT Malware

The threat actor known as Jewelbug has been increasingly focusing on government targets in Europe since July 2025, even as it continues to attack entities located in Southeast Asia and South America. Check Point Research… 

Read More »China-Linked Ink Dragon Hacks Governments Using ShadowPad and FINALDRAFT Malware
GhostPoster Malware Found in 17 Firefox Add-ons with 50,000+ Downloads

GhostPoster Malware Found in 17 Firefox Add-ons with 50,000+ Downloads

Dec 17, 2025Ravie LakshmananAd Fraud / Browser Security A new campaign named GhostPoster has leveraged logo files associated with 17 Mozilla Firefox browser add-ons to embed malicious JavaScript code designed to hijack affiliate links, inject… 

Read More »GhostPoster Malware Found in 17 Firefox Add-ons with 50,000+ Downloads
Compromised IAM Credentials Power a Large AWS Crypto Mining Campaign

Compromised IAM Credentials Power a Large AWS Crypto Mining Campaign

Dec 16, 2025Ravie LakshmananMalware / Threat Detection An ongoing campaign has been observed targeting Amazon Web Services (AWS) customers using compromised Identity and Access Management (IAM) credentials to enable cryptocurrency mining. The activity, first detected… 

Read More »Compromised IAM Credentials Power a Large AWS Crypto Mining Campaign
Rogue NuGet Package Poses as Tracer.Fody, Steals Cryptocurrency Wallet Data

Rogue NuGet Package Poses as Tracer.Fody, Steals Cryptocurrency Wallet Data

Dec 16, 2025Ravie LakshmananCybersecurity / Cryptocurrency Cybersecurity researchers have discovered a new malicious NuGet package that typosquats and impersonates the popular .NET tracing library and its author to sneak in a cryptocurrency wallet stealer. The… 

Read More »Rogue NuGet Package Poses as Tracer.Fody, Steals Cryptocurrency Wallet Data
Amazon Exposes Years-Long GRU Cyber Campaign Targeting Energy and Cloud Infrastructure

Amazon Exposes Years-Long GRU Cyber Campaign Targeting Energy and Cloud Infrastructure

Dec 16, 2025Ravie LakshmananCloud Security / Vulnerability Amazon’s threat intelligence team has disclosed details of a “years-long” Russian state-sponsored campaign that targeted Western critical infrastructure between 2021 and 2025. Targets of the campaign included energy… 

Read More »Amazon Exposes Years-Long GRU Cyber Campaign Targeting Energy and Cloud Infrastructure
Fortinet FortiGate Under Active Attack Through SAML SSO Authentication Bypass

Fortinet FortiGate Under Active Attack Through SAML SSO Authentication Bypass

Dec 16, 2025Ravie LakshmananNetwork Security / Vulnerability Threat actors have begun to exploit two newly disclosed security flaws in Fortinet FortiGate devices, less than a week after public disclosure. Cybersecurity company Arctic Wolf said it… 

Read More »Fortinet FortiGate Under Active Attack Through SAML SSO Authentication Bypass