CISA: Russia’s Fancy Bear Targeting Logistics, IT Firms

Blog

Byadmblake May 22, 2025

The mission is to gather information that could help Russia in its war against Ukraine.

Blog

Microsoft Expands Sentinel Into Agentic Security Platform With Unified Data Lake

Microsoft on Tuesday unveiled the expansion of its Sentinel Security Incidents and Event Management solution (SIEM) as a unified agentic platform with the general availability of the Sentinel data lake. In addition, the tech giant said it’s also releasing a public preview of Sentinel Graph and Sentinel Model Context Protocol (MCP) server. “With graph-based context,…

Read More Microsoft Expands Sentinel Into Agentic Security Platform With Unified Data Lake
Blog

Mustang Panda Deploys Updated COOLCLIENT Backdoor in Government Cyber Attacks

Threat actors with ties to China have been observed using an updated version of a backdoor called COOLCLIENT in cyber espionage attacks in 2025 to facilitate comprehensive data theft from infected endpoints. The activity has been attributed to Mustang Panda (aka Earth Preta, Fireant, HoneyMyte, Polaris, and Twill Typhoon) with the intrusions primarily directed against…

Read More Mustang Panda Deploys Updated COOLCLIENT Backdoor in Government Cyber Attacks
Blog

Hackers Use Facebook Ads to Spread JSCEAL Malware via Fake Cryptocurrency Trading Apps

Cybersecurity researchers are calling attention to an ongoing campaign that distributes fake cryptocurrency trading apps to deploy a compiled V8 JavaScript (JSC) malware called JSCEAL that can capture data from credentials and wallets. The activity leverages thousands of malicious advertisements posted on Facebook in an attempt to redirect unsuspecting victims to counterfeit sites that instruct

Read More Hackers Use Facebook Ads to Spread JSCEAL Malware via Fake Cryptocurrency Trading Apps
Blog

Oracle Still Denies Breach as Researchers Persist

Evidence suggests an attacker gained access to the company’s cloud infrastructure environment, but Oracle insists that didn’t happen.

Read More Oracle Still Denies Breach as Researchers Persist
Blog

Misconfigured Kubernetes RBAC in Azure Airflow Could Expose Entire Cluster to Exploitation

Cybersecurity researchers have uncovered three security weaknesses in Microsoft’s Azure Data Factory Apache Airflow integration that, if successfully exploited, could have allowed an attacker to gain the ability to conduct various covert actions, including data exfiltration and malware deployment. “Exploiting these flaws could allow attackers to gain persistent access as shadow administrators

Read More Misconfigured Kubernetes RBAC in Azure Airflow Could Expose Entire Cluster to Exploitation
Blog

Google Fixes Actively Exploited Android System Flaw in May 2025 Security Update

Google has released its monthly security updates for Android with fixes for 46 security flaws, including one vulnerability that it said has been exploited in the wild. The vulnerability in question is CVE-2025-27363 (CVSS score: 8.1), a high-severity flaw in the System component that could lead to local code execution without requiring any additional execution…

Read More Google Fixes Actively Exploited Android System Flaw in May 2025 Security Update

Related