Recent findings by cybersecurity researchers have unveiled a software supply chain attack that specifically targets the Go programming ecosystem. This operation involves a harmful package engineered to provide adversaries with remote access to compromised systems. The malicious package, identified as…
A series of sophisticated phishing campaigns targeting diplomatic and governmental organizations has been linked to a Russian-state sponsored hacking group known as APT29, or Cozy Bear. This threat actor has been active since January 17, 2022, employing a range of…
Fraud Management & Cybercrime, Healthcare, Industry Specific 2024 Cyberattack Targeted Multiple Blood Suppliers Across the US and UK Marianne Kolbasuk McGee (HealthInfoSec) • September 29, 2025 OneBlood has consented to pay $1 million as part of a settlement pertaining to…
Ransomware attacks have increasingly become a pressing digital threat as their sophistication grows, extending beyond traditional data-encrypting malware to include data grab-and-leak tactics. While the conventional form of ransomware that encrypts data and demands a ransom remains prevalent, Google has…
Recent intelligence reveals that North Korean IT professionals are infiltrating Western companies under false pretenses, not only stealing sensitive intellectual property but also extorting their employers for ransom to prevent data exposure. This notable shift signifies an escalation in the…
A recent study published in the International Journal of Services, Economics and Management has revealed that professional aspirations often take precedence over security concerns in cloud usage and management decisions. The research, which surveyed 125 cloud users, found that motivations…
On Tuesday, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced the addition of four critical security vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. This move was prompted by clear evidence indicating that these vulnerabilities are currently being exploited…
In recent weeks, the Chinese state-sponsored hacking group known as Override Panda has made headlines again, launching a sophisticated phishing campaign aimed at acquiring sensitive information. This resurgence focuses on utilizing spear-phishing tactics to compromise targeted entities. According to a…
Identity & Access Management, Security Operations Machine Identities Surpass Human Ones, Yet Accountability Remains Inadequate Rashmi Ramesh (rashmiramesh_) • September 29, 2025 Image: Shutterstock The rapidly growing segment of users within enterprises often goes unnoticed in human resources systems. This…
A significant cybersecurity breach has been reported involving the Federal Emergency Management Agency (FEMA), where a hacker accessed its computer networks for several months earlier this year, subsequently stealing sensitive information pertaining to FEMA and U.S. Customs and Border Protection…
