Senegalese Data Breaches Expose Lack of ‘Security Maturity’
Green Blood Group steals personal records and biometric data of the West African nation’s nearly 20 million residents.
-
-
83% of Ivanti EPMM Exploits Linked to Single IP on Bulletproof Hosting Infrastructure
A significant chunk of the exploitation attempts targeting a newly disclosed security flaw in Ivanti Endpoint Manager Mobile (EPMM) can be traced back to a single IP address on bulletproof hosting infrastructure offered by PROSPERO. Threat intelligence firm GreyNoise said it recorded 417 exploitation sessions from 8 unique source IP addresses between February 1 and…
-
Apple Fixes Exploited Zero-Day Affecting iOS, macOS, and Apple Devices
Apple on Wednesday released iOS, iPadOS, macOS Tahoe, tvOS, watchOS, and visionOS updates to address a zero-day flaw that it said has been exploited in sophisticated cyber attacks. The vulnerability, tracked as CVE-2026-20700 (CVSS score: N/A), has been described as a memory corruption issue in dyld, Apple’s Dynamic Link Editor. Successful exploitation of the vulnerability…
-
North Korea’s UNC1069 Hammers Crypto Firms With AI
In moving away from traditional banks to focus on Web3 companies, the threat actor is leveraging LLMs, deepfakes, legitimate platforms, and ClickFix.
-
How to Stay on Top of Future Threats With a Cutting-Edge SOC
CISOs should focus on harnessing and securing AI and building new skills among their people. Vision and change management can transform security.
-
Automaker Secures the Supply Chain With Developer-Friendly Platform
How a platform engineering team embeds supply chain security into infrastructure without slowing developers.
-
First Malicious Outlook Add-In Found Stealing 4,000+ Microsoft Credentials
Cybersecurity researchers have discovered what they said is the first known malicious Microsoft Outlook add-in detected in the wild. In this unusual supply chain attack detailed by Koi Security, an unknown attacker claimed the domain associated with a now-abandoned legitimate add-in to serve a fake Microsoft login page, stealing over 4,000 credentials in the process….
-
APT36 and SideCopy Launch Cross-Platform RAT Campaigns Against Indian Entities
Indian defense sector and government-aligned organizations have been targeted by multiple campaigns that are designed to compromise Windows and Linux environments with remote access trojans capable of stealing sensitive data and ensuring continued access to infected machines. The campaigns are characterized by the use of malware families like Geta RAT, Ares RAT, and DeskRAT, which…
-
AI Rising: Do We Know Enough About the Data Populating It?
Organizations remain reluctant to address the fact that AI can dangerously expose business operations as well as personal data.
-
Top Cyber Industry Defenses Spike CO2 Emissions
Organizations can improve their climate footprints by optimizing two specific cybersecurity protections, without incurring added risks.