Cybercrime, Endpoint Security, Fraud Management & Cybercrime RondoDox Campaign Exploits Open-Source Vulnerability to Compromise IoT Devices Akshaya Asokan (asokan_akshaya) • January 2, 2026 A campaign by a botnet has utilized React2Shell exploits to target IoT devices and web applications on a large scale. (Image: Shutterstock) Security researchers have reported a…
The financial landscape has experienced a significant shift with the advent of digital wallets and financial technology platforms, creating new pathways for users to manage their finances digitally. As reliance on mobile applications increases, the specter of cybersecurity threats looms large, emphasizing the necessity for robust security measures. While the…
Cybersecurity experts have reported that North Korean threat actors are leveraging a critical vulnerability in JetBrains TeamCity, specifically CVE-2023-42793, which carries a severe CVSS score of 9.8. This exploitation allows attackers to breach unprotected servers, with campaigns attributed to two distinct groups: Diamond Sleet, also known as Labyrinth Chollima, and…
Important Update (June 21, 2019) ➤ The Tor Project announced on Friday the release of its latest update, Tor Browser 8.5.3, addressing a significant Firefox zero-day vulnerability identified earlier in the week. This update follows Mozilla’s recent patches for Firefox versions 67.0.3 and 60.7.1, which rectified a critical actively-exploited security…
A significant cyber incident has emerged involving Tokyo FM Broadcasting Co., LTD., one of Japan’s leading radio stations. On January 1, 2026, during the height of New Year’s festivities, an individual or group operating under the moniker “victim” claimed responsibility for breaching the company’s private computer systems. Radio stations are…
Recent findings reveal a sophisticated disinformation campaign aimed at discrediting critics of the Russian state while compromising sensitive data. Security researchers have linked these activities to a suspected Russian government-sponsored espionage initiative, though definitive evidence of state involvement remains unproven. Notably, these operations share characteristics with the tactics employed by…
Artificial Intelligence & Machine Learning, Leadership & Executive Communication, Next-Generation Technologies & Secure Development Also: Leadership Decisions Shaping Cybersecurity in 2026 Anna Delaney (annamadeline) • January 2, 2026 Clockwise, from top left: Anna Delaney, Tom Field, Sean D. Mack, and Chris Riotta As security leaders approach 2026, they are increasingly…
Seven Steps to Achieve AI Supply Chain Visibility Before a Breach Occurs In an era dominated by technological advancement, the vulnerability of supply chains to cyber threats has emerged as a critical concern for businesses. The latest discourse on this issue centers around establishing robust AI-driven visibility into supply chains…
Cisco has issued an urgent warning regarding a severe zero-day vulnerability in its IOS XE software, which is currently being exploited by an unknown actor to introduce a malicious Lua-based implant on affected devices. The vulnerability, designated as CVE-2023-20273, carries a CVSS score of 7.2 and is associated with privilege…
