May 06, 2025Ravie LakshmananCybersecurity / Vulnerability A recently disclosed critical security flaw impacting the open-source Langflow platform has been added to the Known Exploited Vulnerabilities (KEV) catalog by the U.S. Cybersecurity and Infrastructure Security Agency…
May 05, 2025Ravie LakshmananNetwork Security / Vulnerability Cybersecurity researchers have disclosed a series of now-patched security vulnerabilities in Apple’s AirPlay protocol that, if successfully exploited, could enable an attacker to take over susceptible devices supporting…
May 05, 2025Ravie LakshmananVulnerability / Zero-Day The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a maximum-severity security flaw impacting Commvault Command Center to its Known Exploited Vulnerabilities (KEV) catalog, a little over a…
May 05, 2025Ravie LakshmananCybersecurity / Hacking News What if attackers aren’t breaking in—they’re already inside, watching, and adapting? This week showed a sharp rise in stealth tactics built for long-term access and silent control. AI…
Let’s be honest: if you’re one of the first (or the first) security hires at a small or midsize business, chances are you’re also the unofficial CISO, SOC, IT Help Desk, and whatever additional roles…
The threat actors known as Golden Chickens have been attributed to two new malware families dubbed TerraStealerV2 and TerraLogger, suggesting continued development efforts to fine-tune and diversify their arsenal. “TerraStealerV2 is designed to collect browser…
May 03, 2025Ravie LakshmananSupply Chain Attack / Malware Cybersecurity researchers have discovered three malicious Go modules that include obfuscated code to fetch next-stage payloads that can irrevocably overwrite a Linux system’s primary disk and render…
May 03, 2025Ravie LakshmananMalware / Operational Technology An Iranian state-sponsored threat group has been attributed to a long-term cyber intrusion aimed at a critical national infrastructure (CNI) in the Middle East that lasted nearly two…
The U.S. Department of Justice (DoJ) on Thursday announced charges against a 36-year-old Yemeni national for allegedly deploying the Black Kingdom ransomware against global targets, including businesses, schools, and hospitals in the United States. Rami…
May 02, 2025Ravie LakshmananData Privacy / Social Media Ireland’s Data Protection Commission (DPC) on Friday fined popular video-sharing platform TikTok €530 million ($601 million) for infringing data protection regulations in the region by transferring European…