SecurityScorecard 2025 Global Third-Party Breach Report Reveals Surge in Vendor-Driven Attacks

Blog

Byadmblake March 28, 2025

Post Content

Blog

n8n Webhooks Abused Since October 2025 to Deliver Malware via Phishing Emails

Threat actors have been observed weaponizing n8n, a popular artificial intelligence (AI) workflow automation platform, to facilitate sophisticated phishing campaigns and deliver malicious payloads or fingerprint devices by sending automated emails. “By leveraging trusted infrastructure, these attackers bypass traditional security filters, turning productivity tools into delivery

Read More n8n Webhooks Abused Since October 2025 to Deliver Malware via Phishing Emails
Blog

Google Adds Layered Defenses to Chrome to Block Indirect Prompt Injection Threats

Google on Monday announced a set of new security features in Chrome, following the company’s addition of agentic artificial intelligence (AI) capabilities to the web browser. To that end, the tech giant said it has implemented layered defenses to make it harder for bad actors to exploit indirect prompt injections that arise as a result…

Read More Google Adds Layered Defenses to Chrome to Block Indirect Prompt Injection Threats
Blog

Tudou Guarantee Marketplace Halts Telegram Transactions After Processing Over $12 Billion

A Telegram-based guarantee marketplace known for advertising a broad range of illicit services appears to be winding down its operations, according to new findings from Elliptic. The blockchain intelligence company said Tudou Guarantee has effectively ceased transactions through its public Telegram groups following a period of significant growth. The marketplace is estimated to have processed

Read More Tudou Guarantee Marketplace Halts Telegram Transactions After Processing Over $12 Billion
Blog

Securing AI to Benefit from AI

Artificial intelligence (AI) holds tremendous promise for improving cyber defense and making the lives of security practitioners easier. It can help teams cut through alert fatigue, spot patterns faster, and bring a level of scale that human analysts alone can’t match. But realizing that potential depends on securing the systems that make it possible. Every…

Read More Securing AI to Benefit from AI
Blog

TARmageddon Flaw in Async-Tar Rust Library Could Enable Remote Code Execution

Cybersecurity researchers have disclosed details of a high-severity flaw impacting the popular async-tar Rust library and its forks, including tokio-tar, that could result in remote code execution under certain conditions. The vulnerability, tracked as CVE-2025-62518 (CVSS score: 8.1), has been codenamed TARmageddon by Edera, which discovered the issue in late August 2025. It impacts several

Read More TARmageddon Flaw in Async-Tar Rust Library Could Enable Remote Code Execution
Blog

The MSP Cybersecurity Readiness Guide: Turning Security into Growth

MSPs are facing rising client expectations for strong cybersecurity and compliance outcomes, while threats grow more complex and regulatory demands evolve. Meanwhile, clients are increasingly seeking comprehensive protection without taking on the burden of managing security themselves. This shift represents a major growth opportunity. By delivering advanced cybersecurity and compliance

Read More The MSP Cybersecurity Readiness Guide: Turning Security into Growth

Related