A threat actor with suspected ties to India has been observed targeting a European foreign affairs ministry with malware capable of harvesting sensitive data from compromised hosts. The activity has been attributed by Trellix Advanced Research Center to an advanced persistent threat (APT) group called DoNot Team, which is also known as APT-C-35, Mint Tempest,…
Though the victims list on its site has since been taken down, the group plans on leaking the rest of the files stolen from its victims.
From data fog to threat clarity: Automating security analytics helps security teams stop fighting phantoms and respond to what matters.
The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) on Tuesday sanctioned a member of a North Korean hacking group called Andariel for their role in the infamous remote information technology (IT) worker scheme. The Treasury said Song Kum Hyok, a 38-year-old North Korean national with an address in the Chinese province…
Run by the team at workflow orchestration and AI platform Tines, the Tines library features over 1,000 pre-built workflows shared by security practitioners from across the community – all free to import and deploy through the platform’s Community Edition. A recent standout is a workflow that handles malware alerts with CrowdStrike, Oomnitza, GitHub, and PagerDuty….
A Chinese national has been arrested in Milan, Italy, for his alleged links to a state-sponsored hacking group known as Silk Typhoon and for carrying out cyber attacks against American organizations and government agencies. The 33-year-old, Xu Zewei, has been charged with nine counts of wire fraud and conspiracy to cause damage to and obtain…
For the first time in 2025, Microsoft’s Patch Tuesday updates did not bundle fixes for exploited security vulnerabilities, but acknowledged one of the addressed flaws had been publicly known. The patches resolve a whopping 130 vulnerabilities, along with 10 other non-Microsoft CVEs that affect Visual Studio, AMD, and its Chromium-based Edge browser. Of these 10…
Following a breach at the country’s top mobile provider that exposed 27 million records, the South Korean government imposed a small monetary penalty but stiff regulatory requirements.
Startup Tumeryk’s State of AI Trust finds Google Gemini Pro 2.5 as the most trustworthy with ChatGPT-4 Mini a close second, while DeepSeek and Alibaba Qwen scoring lowest.
Some 17 of the bugs are at high risk for exploits, including multiple remote code execution bugs in Office and SharePoint.