Blog

The high-profile information stealer switches up its TTPs, but keeps the CAPTCHA tactic; we take a deep dive

Google on Thursday announced it’s rolling out new artificial intelligence (AI)-powered countermeasures to combat scams across Chrome, Search, and Android. The tech giant said it will begin using Gemini Nano, its on-device large language model (LLM), to improve Safe Browsing in Chrome 137 on desktops. “The on-device approach provides instant insight on risky websites and…

A China-linked unnamed threat actor dubbed Chaya_004 has been observed exploiting a recently disclosed security flaw in SAP NetWeaver. Forescout Vedere Labs, in a report published today, said it uncovered a malicious infrastructure likely associated with the hacking group weaponizing CVE-2025-31324 (CVSS score: 10.0) since April 29, 2025. CVE-2025-31324 refers to a critical SAP NetWeaver…

Three vulnerabilities in SMA 100 gateways could facilitate root RCE attacks, and one of the vulnerabilities has already been exploited in the wild.

Cyber-insurance carrier Coalition said business email compromise and funds transfer fraud accounted for 60% of claims in 2024.

Cyber-insurance carrier Coalition said business email compromise and funds transfer fraud accounted for 60% of claims in 2024.

Taking a dive into Sophos Tamper Protection

Taking a dive into Sophos Tamper Protection

The North Korean IT worker scheme grows to include organizations in Europe and Asia and industries beyond the technology sector

Four different countries, including the United States and Germany, were included in the latest international operation alongside Europol’s support.