What are IABs? Initial Access Brokers (IABs) specialize in gaining unauthorized entry into computer systems and networks, then selling that access to other cybercriminals. This division of labor allows IABs to concentrate on their core…
Apr 11, 2025Ravie LakshmananVulnerability / Network Security Palo Alto Networks has revealed that it’s observing brute-force login attempts against PAN-OS GlobalProtect gateways, days after threat actors warned of a surge in suspicious login scanning activity…
Apr 10, 2025Ravie LakshmananContainer Security / Vulnerability Cybersecurity researchers have detailed a case of an incomplete patch for a previously addressed security flaw impacting the NVIDIA Container Toolkit that, if successfully exploited, could put sensitive…
Apr 10, 2025Ravie LakshmananMalware / Cryptocurrency Threat actors are continuing to upload malicious packages to the npm registry so as to tamper with already-installed local versions of legitimate libraries to execute malicious code in what’s…
Overview of the PlayPraetor Masquerading Party Variants CTM360 has now identified a much larger extent of the ongoing Play Praetor campaign. What started with 6000+ URLs of a very specific banking attack has now grown…
Apr 10, 2025The Hacker NewsAI Security / Enterprise Security AI agents have rapidly evolved from experimental technology to essential business tools. The OWASP framework explicitly recognizes that Non-Human Identities play a key role in agentic…
Apr 10, 2025Ravie LakshmananCyber Espionage / Malware The Russia-linked threat actor known as Gamaredon (aka Shuckworm) has been attributed to a cyber attack targeting a foreign military mission based in Ukraine with an aim to…
Law enforcement authorities have announced that they tracked down the customers of the SmokeLoader malware and detained at least five individuals. “In a coordinated series of actions, customers of the Smokeloader pay-per-install botnet, operated by…
Apr 10, 2025Ravie LakshmananWebsite Security / Cybercrime Cybersecurity researchers have disclosed details of an artificial intelligence (AI) powered platform called AkiraBot that’s used to spam website chats, comment sections, and contact forms to promote dubious…
Lovable, a generative artificial intelligence (AI) powered platform that allows for creating full-stack web applications using text-based prompts, has been found to be the most susceptible to jailbreak attacks, allowing novice and aspiring cybercrooks to…