Cyber security news for all

More

    Mobile Security

    Continuous Threat Exposure Management (CTEM) has emerged as a critical focus for organizations aiming to stay ahead of today’s dynamic cyber risks. While the...

    Mustang Panda Targets Tibetan Community with PUBLOAD and Pubshell Malware in Espionage Campaign

    A recent cyber espionage operation has been linked to Mustang Panda, a threat group associated with China, as it intensifies efforts to spy on the Tibetan community. The campaign, observed in June 2025, employs spear-phishing emails themed around Tibetan issues to deliver custom malware strains designed to provide covert...

    Spike in MOVEit Transfer Scanning Signals Renewed Threat of Mass Exploitation Campaigns

    Organizations using Progress MOVEit Transfer are facing renewed security concerns as threat actors ramp up scanning efforts in search of vulnerable systems. Recent data shows a significant and sustained increase in reconnaissance activity targeting MOVEit Transfer deployments, raising fears of an impending wave of exploitation attempts. MOVEit Transfer is widely...

    OneClik Malware Campaign Exploits Microsoft ClickOnce and Golang Backdoors to Target Global Energy Sector

    A new and sophisticated malware campaign has emerged, leveraging Microsoft’s ClickOnce deployment technology alongside custom-built Golang backdoors to infiltrate organizations within the energy, oil, and gas industries. Dubbed OneClik, this attack underscores an evolving threat landscape where adversaries exploit trusted enterprise tools to deliver stealthy payloads. Security researchers have observed...

    Critical Flaw in Open VSX Registry Could Have Enabled Massive Supply Chain Attacks Targeting Millions of Developers

    A severe vulnerability discovered in the Open VSX Registry—a popular open-source alternative to the Visual Studio Marketplace—put millions of developers at risk of supply chain compromise. If exploited, the flaw could have granted attackers full control over the extension publishing process, enabling the distribution of malicious updates across countless...

    Cisco Fixes Critical Security Vulnerabilities in ISE and ISE-PIC That Could Lead to Remote Root Compromise

    Cisco has released crucial security updates to address two newly discovered, maximum-severity vulnerabilities in its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC). These flaws could enable unauthenticated, remote attackers to gain full root-level control over affected systems, posing a significant risk to organizations using these products...

    Malware & Threats

    Most Popular

    Stay on op - Ge the daily news in your inbox

    Latest Articles