Cyber-insurance carrier Coalition said business email compromise and funds transfer fraud accounted for 60% of claims in 2024.

Cyber-insurance carrier Coalition said business email compromise and funds transfer fraud accounted for 60% of claims in 2024.

Taking a dive into Sophos Tamper Protection

Taking a dive into Sophos Tamper Protection

The North Korean IT worker scheme grows to include organizations in Europe and Asia and industries beyond the technology sector

Four different countries, including the United States and Germany, were included in the latest international operation alongside Europol’s support.

Cybersecurity researchers have exposed what they say is an “industrial-scale, global cryptocurrency phishing operation” engineered to steal digital assets from cryptocurrency wallets for several years. The campaign has been codenamed FreeDrain by threat intelligence firms SentinelOne and Validin. “FreeDrain uses SEO manipulation, free-tier web services (like gitbook.io, webflow.io, and github.io

Despite all MITRE has done for cybersecurity, it is clear we should not wait 11 months to discuss the future of the CVE database. It’s simply too important for that.

SonicWall has released patches to address three security flaws affecting SMA 100 Secure Mobile Access (SMA) appliances that could be fashioned to result in remote code execution. The vulnerabilities are listed below – CVE-2025-32819 (CVSS score: 8.8) – A vulnerability in SMA100 allows a remote authenticated attacker with SSL-VPN user privileges to bypass the path…

Threat actors with ties to the Qilin ransomware family have leveraged malware known as SmokeLoader along with a previously undocumented .NET compiled loader codenamed NETXLOADER as part of a campaign observed in November 2024. “NETXLOADER is a new .NET-based loader that plays a critical role in cyber attacks,” Trend Micro researchers Jacob Santos, Raymart Yambot,…