Mexican financial institutions are currently being targeted by a sophisticated spear-phishing campaign that deploys a modified variant of the open-source remote access trojan known as AllaKore RAT. This attack has been attributed to an unidentified financially motivated actor based in Latin America, with the campaign having been operational since at…
A recently addressed security vulnerability in Microsoft Outlook exposes users to potential exploitation by malicious actors aiming to access NT LAN Manager (NTLM) v2 hashed passwords through specially crafted files. The flaw, identified as CVE-2023-35636, has been rated with a CVSS score of 6.5 and was patched during Microsoft’s December…
New Bipartisan Bill Aims to Fortify Healthcare Cybersecurity with Enhanced Regulations and Support Marianne Kolbasuk McGee (HealthInfoSec) • December 8, 2025 A bipartisan coalition of U.S. senators has reintroduced a significant cybersecurity bill aimed at enhancing protections in the healthcare sector. (Image: U.S. Congress) A bipartisan group of four U.S.…
A significant international coalition, encompassing several nations, including the United States, the United Kingdom, and France, alongside major tech companies such as Google, Microsoft, and Meta, has formalized an agreement aimed at combating the misuse of commercial spyware for human rights violations. This initiative, known as the Pall Mall Process,…
The investigation into the SolarWinds supply chain attack continues to reveal significant findings, including the emergence of a new malware strain. Recent digital forensic analysis suggests that a different group of threat actors may be exploiting SolarWinds’ Orion software to deploy a similar persistent backdoor on compromised systems. According to…
Agentic AI, Artificial Intelligence & Machine Learning, Next-Generation Technologies & Secure Development CEO Matt Garman Outlines Vision for Developing Billions of Autonomous Agents Rahul Neel Mani (@rneelmani) • December 2, 2025 AWS CEO Matt Garman discusses agentic AI at the re:Invent 2025 conference. For the past twenty years, Amazon Web…
Recent investigations have surfaced an attempt to breach CrowdStrike, a prominent cybersecurity firm, within the backdrop of the ongoing espionage campaign associated with SolarWinds. The intrusion was reportedly thwarted, revealing critical insights into the current landscape of cybersecurity threats. On December 15, Microsoft’s Threat Intelligence Center flagged a third-party reseller’s…
A critical vulnerability has been identified in the SolarWinds Orion software, which may have been exploited by threat actors as a zero-day to deliver the SUPERNOVA malware across targeted environments. This discovery highlights significant risks for organizations utilizing this widely adopted system monitoring and management tool. The CERT Coordination Center…
Amit Chaudhry Takes Charge at Cloudflare Leading Innovation in Product and Solutions Marketing Amit Chaudhry has recently assumed the role of Product and Solutions Marketing Leader at Cloudflare, bringing over 25 years of extensive experience in enterprise AI and product marketing. His career has spanned key positions at industry giants…
