Cybercriminals continue to exploit Microsoft Word and Excel documents as conduits for malware delivery as we advance through 2025. These methods remain effective, leveraging phishing tactics and zero-click exploits to infiltrate targets with relative ease, particularly in corporate settings where Office documents are routinely shared. This year, there are three…
In a troubling development, Chinese international students in the United Kingdom have been under sustained attack from a group of scammers known as RedZei. This scheme, also referred to as RedThief, has been actively targeting this demographic for over a year. Cybersecurity researcher Will Thomas highlighted the specific vulnerabilities exploited…
The topics include Artificial Intelligence & Machine Learning, Fraud Management & Cybercrime, and Governance & Risk Management. Also: AI Pilot Project Purgatory, Agentic AI Commerce Fraud Concerns Anna Delaney (annamadeline) • September 12, 2025 Clockwise, from top left: Anna Delaney, Tom Field, Rashmi Ramesh, and Suparna Goswami In the latest…
Manhunt Concludes with Arrest in Shooting Incident at Utah Valley University Authorities have successfully apprehended a suspect in the fatal shooting of conservative activist Charlie Kirk, bringing an end to a two-day manhunt. The incident, which occurred on Wednesday during a campus event at Utah Valley University, left the 31-year-old…
Amazon Web Services Targeted in Phishing Campaigns by Threat Group TGR-UNK-0011 Recent investigations by Palo Alto Networks’ Unit 42 have unveiled alarming activities targeting Amazon Web Services (AWS). The threat group known as TGR-UNK-0011, which has been active since 2019, is leveraging misconfigurations within AWS environments to execute sophisticated phishing…
Overconfidence in Mobile App Security Poses Risks for Organizations Recent research reveals a troubling trend among organizations regarding their mobile application security practices. Despite a high level of confidence reported by 93% of respondents about their security capabilities, a significant 62% experienced breaches over the past year, averaging nine incidents…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently unveiled a critical malware strain identified as RESURGE, which has been utilized to exploit a security vulnerability in Ivanti Connect Secure appliances. This vulnerability, designated as CVE-2025-0282, involves a stack-based buffer overflow that could permit remote code execution in affected systems.…
Examining Ransomware: Current Threats, Prevention Strategies, and FBI Support In April 2021, a significant food supply disruption occurred in the Netherlands, linked not to agricultural issues but to a ransomware attack. This incident underscores how ransomware has escalated into one of the internet’s most pressing security concerns, affecting entities like…
Agentic AI, Artificial Intelligence & Machine Learning, Cloud Security Calypso’s Red-Teaming and Agentic Threat Tools Enhance F5’s Application Security Strategy Michael Novinson (MichaelNovinson) • September 11, 2025 Shawn Wormke, Senior Vice President of Product Management, F5 (Image: F5) F5 Networks, an established provider of application and API security, announced plans…
