Microsoft’s new Azure Active Directory Cross-Tenant Synchronization (CTS) feature, introduced in June 2023, has created a new potential attack surface that might allow threat actors to...
A malicious package that mimics the VMware vSphere connector module ‘vConnector’ was uploaded on the Python Package Index (PyPI) under the name ‘VMConnect,’ targeting IT professionals....
The Federal Communications Commission (FCC) has announced a record-breaking $299,997,000 fine imposed on an international network of companies for placing five billion robocalls to more than...
Hackers actively leverage LOLBAS (Living-Off-the-Land Binaries-And-Scripts), it’s a popular methodology that is used by threat actors for exploiting legit tools for hiding the illicit actions performed by them....
Threat actors are evolving their techniques and tools at a rapid pace that is completely changing the current threat scenario. BlueCharlie is a Russia-linked threat group that...
Microsoft Threat intelligence identifies Midnight Blizzard (previously tracked as NOBELIUM) as a highly targeted social engineering attack. The attacker uses compromised Microsoft 365 tenants owned by small...
Google has published a security update for Chrome, updating the Stable channel for Mac and Linux to 115.0.5790.170 and 115.0.5790.170/.171 for Windows. The release of this upgrade...
Hackers exploited a zero-day vulnerability in the email services and SMTP servers of Salesforce. Malicious email traffic is often concealed within email gateway services that are...
There is a critical vulnerability in Ivanti’s MobileIron Core 11.2 version that could allow a malicious actor to gain unauthorized access to restricted functions. MobileIron core...
The House Committee on Oversight and Accountability is investigating how the State and Commerce departments responded to a cyberattack that successfully gained access to unclassified government...