Cyber security news for all

More

    Mobile Security

    Continuous Threat Exposure Management (CTEM) has emerged as a critical focus for organizations aiming to stay ahead of today’s dynamic cyber risks. While the...

    Rethinking Secrets as Unique Identifiers for Non-Human Identity Governance

    Identity-based cyberattacks continue to surge, with stolen credentials now playing a central role in most breaches. Recent data suggests that compromised secrets are involved in over 80% of incidents, highlighting how attackers increasingly favor credential theft over exploiting software vulnerabilities. While much focus has been on protecting human identities, machine...

    Airline Industry Targeted in Sophisticated Social Engineering Attacks by Expanding Cybercrime Group

    A well-known cybercriminal collective, often referred to as Scattered Spider, has been identified as increasingly focusing its attacks on the aviation sector. Security agencies and private cybersecurity firms are raising alarms about a surge in social engineering attacks designed to bypass even robust security controls such as multi-factor authentication...

    Mustang Panda Targets Tibetan Community with PUBLOAD and Pubshell Malware in Espionage Campaign

    A recent cyber espionage operation has been linked to Mustang Panda, a threat group associated with China, as it intensifies efforts to spy on the Tibetan community. The campaign, observed in June 2025, employs spear-phishing emails themed around Tibetan issues to deliver custom malware strains designed to provide covert...

    Spike in MOVEit Transfer Scanning Signals Renewed Threat of Mass Exploitation Campaigns

    Organizations using Progress MOVEit Transfer are facing renewed security concerns as threat actors ramp up scanning efforts in search of vulnerable systems. Recent data shows a significant and sustained increase in reconnaissance activity targeting MOVEit Transfer deployments, raising fears of an impending wave of exploitation attempts. MOVEit Transfer is widely...

    OneClik Malware Campaign Exploits Microsoft ClickOnce and Golang Backdoors to Target Global Energy Sector

    A new and sophisticated malware campaign has emerged, leveraging Microsoft’s ClickOnce deployment technology alongside custom-built Golang backdoors to infiltrate organizations within the energy, oil, and gas industries. Dubbed OneClik, this attack underscores an evolving threat landscape where adversaries exploit trusted enterprise tools to deliver stealthy payloads. Security researchers have observed...

    Malware & Threats

    Most Popular

    Stay on op - Ge the daily news in your inbox

    Latest Articles