Cybersecurity researchers have uncovered over 40 malicious browser extensions for Mozilla Firefox that are designed to steal cryptocurrency wallet secrets, putting users’ digital assets at risk. “These extensions impersonate legitimate wallet tools from widely-used platforms such as Coinbase, MetaMask, Trust Wallet, Phantom, Exodus, OKX, Keplr, MyMonero, Bitget, Leap, Ethereum Wallet, and Filfox
If you’re evaluating AI-powered SOC platforms, you’ve likely seen bold claims: faster triage, smarter remediation, and less noise. But under the hood, not all AI is created equal. Many solutions rely on pre-trained AI models that are hardwired for a handful of specific use cases. While that might work for yesterday’s SOC, today’s reality is…
This marks the 10th consecutive G2 Seasonal Report where Sophos Firewall is the top-ranked Firewall
The French cybersecurity agency on Tuesday revealed that a number of entities spanning governmental, telecommunications, media, finance, and transport sectors in the country were impacted by a malicious campaign undertaken by a Chinese hacking group by weaponizing several zero-day vulnerabilities in Ivanti Cloud Services Appliance (CSA) devices. The campaign, detected at the beginning of
Cisco has released security updates to address a maximum-severity security flaw in Unified Communications Manager (Unified CM) and Unified Communications Manager Session Management Edition (Unified CM SME) that could permit an attacker to login to a susceptible device as the root user, allowing them to gain elevated privileges. The vulnerability, tracked as CVE-2025-20309, carries a…
Passengers’ personal information was likely accessed via a third-party platform used at a call center, but didn’t include passport or credit card info.
Attackers can abuse malicious extensions to access critical data, including credentials, but organizations can reduce the risks by raising awareness and enforcing strict policy controls.
A likely China-nexus threat actor has been exploiting unpatched Ivanti vulnerabilities to gain initial access to victim networks and then patching the systems to block others from breaking in to the same network.
In the past, the bulletproof group has been affiliated with many well-known ransomware and malware groups, such as BianLian and Lumma Stealer.
A Russian APT known as “Gamaredon” is using spear-phishing attacks and network-drive weaponization to target government entities in Ukraine.