Browsing: Attacks

Inside Storm-2603: The Ransomware Operator Behind ToolShell’s Shadow

Kirsten DoyleAugust 4, 20254 Mins Read

A new name surfaced in Microsoft’s analysis of the ToolShell exploitation campaign earlier this year. Storm-2603. There was no history…

Governments Face Rising Tide of Ransomware Attacks in First Half of 2025

Kirsten DoyleAugust 1, 20254 Mins Read

Ransomware groups are ramping up pressure on the public sector. In the first half of 2025, 208 attacks were recorded…

Sploitlight: Spotlight Exploited to Bypass macOS TCC and Steal Apple Intelligence Data

Josh Breaker RolfeAugust 1, 20253 Mins Read

Security researchers at Microsoft have uncovered a critical macOS vulnerability, dubbed Sploitlight, that allows attackers to bypass Apple’s Transparency, Consent,…

Lazarus Group Weaponizes Open Source in Global Espionage Campaign

Kirsten DoyleJuly 31, 20254 Mins Read

An investigation from Sonatype has exposed a cyber-espionage campaign by North Korea’s infamous Lazarus Group, this time targeting the tools…

Addressing control failures in airline and transport cybersecurity

Martin GreenfieldJuly 30, 20255 Mins Read

On June 27th, 2025, the FBI declared that America’s airlines are under attack from digital threats. Over the past year,…

JSCEAL: The Quiet Malware Campaign Draining Crypto Wallets

Kirsten DoyleJuly 30, 20253 Mins Read

It starts with an ad. The branding looks familiar; Coinbase, Binance, OKX. The ad promises fast trading, high returns, or…

New Malware “Auto-Color” Exploited in Live SAP NetWeaver Attack

Kirsten DoyleJuly 30, 20255 Mins Read

A newly documented attack on a US-based chemicals company is raising fresh concerns in the cybersecurity community, after researchers observed…

“Clean to Factory State”: The AI Prompt That Nearly Wiped AWS Accounts

Kirsten DoyleJuly 29, 20255 Mins Read

Amazon has quietly disclosed a near-catastrophic AI security incident that, while not making headlines, should send chills through every cybersecurity…

Code Execution Through Deception: The Gemini AI CLI Hijack That Almost Went Unnoticed

Kirsten DoyleJuly 29, 20253 Mins Read

A newly discovered vulnerability in Google’s Gemini CLI, an AI-powered tool designed to help developers explore and write code from…

AI-Powered Phishing: How Deepfakes and Gen AI Are Creating the Perfect Scam

Igboanugo David UgochukwuJuly 25, 20255 Mins Read

The digital landscape has become a hunting ground, not for traditional predators wielding crude tools of deception, but for sophisticated…