The Breach News

Malicious Go Package Takes Advantage of Module Mirror Caching for Ongoing Remote Access

Recent findings by cybersecurity researchers have unveiled a software supply chain attack that specifically targets the Go programming ecosystem. This operation involves a harmful package engineered to provide adversaries with remote access to compromised systems. The malicious package, identified as github.com/boltdb-go/bolt, is a deceptive imitation of the legitimate BoltDB database…


Russian Hackers Focusing on Diplomatic Targets Across Europe, the Americas, and Asia

A series of sophisticated phishing campaigns targeting diplomatic and governmental organizations has been linked to a Russian state-sponsored hacking group known as APT29, or Cozy Bear. This threat actor has been active since January 17, 2022, employing a range of techniques that highlight their ongoing interest in gathering sensitive diplomatic…


Google’s New AI Ransomware Defense: Effective, but Limited

Ransomware attacks have increasingly become a pressing digital threat as their sophistication grows, extending beyond traditional data-encrypting malware to include data grab-and-leak tactics. While the conventional form of ransomware that encrypts data and demands a ransom remains prevalent, Google has recently introduced a new defense mechanism for its Drive for…


North Korean IT Workers in Western Companies Now Seeking Ransom for Stolen Data

Recent intelligence reveals that North Korean IT professionals are infiltrating Western companies under false pretenses, not only stealing sensitive intellectual property but also extorting their employers for ransom to prevent data exposure. This notable shift signifies an escalation in the tactics used by these actors, moving beyond conventional data breaches…


When Individual Goals Compromise Organizational Security

A recent study published in the International Journal of Services, Economics and Management has revealed that professional aspirations often take precedence over security concerns in cloud usage and management decisions. The research, which surveyed 125 cloud users, found that motivations related to career advancement—such as gaining cloud expertise to enhance…


CISA Includes Four Actively Exploited Vulnerabilities in KEV Catalog, Advises Remediation by February 25

On Tuesday, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced the addition of four critical security vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. This move was prompted by clear evidence indicating that these vulnerabilities are currently being exploited in active attacks. The vulnerabilities identified are significant and warrant…


“Override Panda” Hacking Group Emerges Again with New Espionage Operations

In recent weeks, the Chinese state-sponsored hacking group known as Override Panda has made headlines again, launching a sophisticated phishing campaign aimed at acquiring sensitive information. This resurgence focuses on utilizing spear-phishing tactics to compromise targeted entities. According to a report by Cluster25, this threat actor leveraged a spear-phishing email…
