Oracle EBS zero-day used by Clop to breach Barts Health NHS
Oracle EBS zero-day used by Clop to breach Barts Health NHS Pierluigi Paganini December 08, 2025 Clop ransomware stole data...
used
OAuth Isn’t Enough For Agents
OAuth is a broadly accepted standard. It’s used all over the internet. But as the usage of LLM agents continues...
Fraudulent email domain tracker: November 2025
Every month, we publish a snapshot of the email domains most actively used in fake account creation and related...
CISA: Spyware and RATs used to target WhatsApp and Signal Users
CISA: Spyware and RATs used to target WhatsApp and Signal Users Pierluigi Paganini November 25, 2025 CISA warns that threat...
API Key Security: 7 Enterprise-Proven Methods to Prevent Costly Data Breaches
API keys are a simple authentication method, essentially a unique code used to identify an application. However, as an...
Chinese Hackers Use Anthropic’s AI to Launch Automated Cyber Espionage Campaign
State-sponsored threat actors from China used artificial intelligence (AI) technology developed by Anthropic to orchestrate automated cyber attacks as part...
Building checksec without boundaries with Checksec Anywhere
Since its original release in 2009, checksec has become widely used in the software security community, proving useful in...
Review: The M5 iPad Pro is tomorrow’s tablet today
What it replaces The M5 iPad Pro replaces the M4 iPad Pro, which used to be the best tablet money...
North Korea-linked Konni APT used Google Find Hub to erase data and spy on defectors
North Korea-linked Konni APT used Google Find Hub to erase data and spy on defectors Pierluigi Paganini November 11, 2025...
AI systems will learn bad behavior to meet performance goals, suggest researchers
Then, the pair used GPT 4o to ‘probe for misalignment’ in the messages generated by the baseline models and the...
Russia’s Coldriver Ramps Up Malware Development After LostKeys Exposure
Google threat researchers in May disclosed LostKeys, a malware used by the Russia state-sponsored cyber-espionage group Coldriver, which has...
AffAction Fights Back Against Sophisticated Scrapers with DataDome and Wins
AffAction, an online marketing company managing over 6,000 domains, used to struggle with persistent scraping bots targeting user data....
Penetration testing vs red teaming: What’s the difference?
October 20, 2025 Theklis Stefani In cyber security, two terms are often used interchangeably but mean very different things: penetration...
GoAnywhere MFT zero-day used by Storm-1175 in Medusa ransomware campaigns
GoAnywhere MFT zero-day used by Storm-1175 in Medusa ransomware campaigns Pierluigi Paganini October 07, 2025 Storm-1175 exploits GoAnywhere MFT flaw...
ShinyHunters Wage Broad Corporate Extortion Spree
A cybercriminal group that used voice phishing attacks to siphon more than a billion records from Salesforce customers earlier this...
