A security flaw in the WinRAR file archiver solution might be used to circumvent the Mark of the Web (MotW) security warning and execute arbitrary code on a Windows computer. The vulnerability is known as CVE-2025-31334 and impacts all…
Category: EN
The Art of Delegation in a Digital Age: Empowering Teams, Not Just Offloading Tasks
Effective task delegation is a vital skill for any manager. Strategically transferring specific tasks to capable team members can boost efficiency, improve decision-making, and empower staff to create a healthy,… The post The Art of Delegation in a Digital Age:…
0-Click RCE in the SuperNote Nomad E-ink Tablet Lets Hackers Install Rootkit & Gain Full Control
Security researcher Prizm Labs has discovered a serious flaw in the SuperNote A6 X2 Nomad, a well-known 7.8-inch E-Ink tablet made by Ratta Software. The flaw, now assigned CVE-2025-32409, could allow a malicious attacker on the same network to fully…
Attackers are exploiting recently disclosed OttoKit WordPress plugin flaw
Threat actors are exploiting a vulnerability in the OttoKit WordPress plugin, a few hours after public disclosure. Threat actors are exploiting a recently discovered vulnerability, tracked as CVE-2025-3102 (CVSS score of 8.1) in the OttoKit WordPress plugin (formerly SureTriggers), a few hours after public disclosure. An…
AI can’t stop making up software dependencies and sabotaging everything
Hallucinated package names fuel ‘slopsquatting’ The rise of AI-powered code generation tools is reshaping how developers write software – and introducing new risks to the software supply chain in the process.… This article has been indexed from The Register –…
China Secretly (and Weirdly) Admits It Hacked US Infrastructure
Plus: The Department of Homeland Security begins surveilling immigrants’ social media, President Donald Trump targets former CISA director who refuted his claims of 2020 election fraud, and more. This article has been indexed from Security Latest Read the original article:…
UPI Down – UPI Outage Disrupt Millions of Digital Transactions Across India
India’s Unified Payments Interface (UPI), the backbone of the country’s digital payment ecosystem, faced a significant outage today, marking the fourth disruption in less than three weeks. The outage, which began around 10:30 AM IST, affected millions of users across…
5 warning signs that your phone’s been hacked – and how to fight back
Here are the biggest warning signs that your phone may be compromised and the secret codes that can tell you all about it. This article has been indexed from Latest stories for ZDNET in Security Read the original article: 5…
Beware Developers! Malicious NPM Packages Targeting PayPal Users to Steal Sensitive Data
FortiGuard Labs, Fortinet’s AI-driven threat intelligence arm, has uncovered a series of malicious NPM packages designed to steal sensitive information from developers and target PayPal users. Detected between March 5 and March 14, 2025, these packages were published by a…
NVIDIA’s Incomplete Patch for Critical Flaw Lets Attackers Steal AI Model Data
A critical vulnerability in NVIDIA’s Container Toolkit, CVE-2024-0132, remains exploitable due to an incomplete patch, endangering AI infrastructure and sensitive data. Coupled with a newly discovered denial-of-service (DoS) flaw in Docker on Linux, these issues could allow attackers to breach…
RansomHub Ransomware-as-a-service Facing Internal Conflict as Affiliates Lost Access to Chat Portals
RansomHub, a relatively newer player in the ransomware-as-a-service (RaaS) landscape, is experiencing significant internal turmoil after affiliates suddenly lost access to negotiation chat portals on April 1st, 2025. This disruption has forced affiliates to redirect victim communications to alternative platforms,…
Dangling DNS Attack Allows Hackers to Take Over Organization’s Subdomain
Hackers are exploiting what’s known as “Dangling DNS” records to take over corporate subdomains, posing significant threats to organizations’ security frameworks. This attack vector has been increasingly noted by security teams, highlighting the need for constant vigilance in DNS configuration…
Hackers Imitate Google Chrome Install Page on Google Play to Distribute Android Malware
Cybersecurity experts have unearthed an intricate cyber campaign that leverages deceptive websites posing as the Google Play Store to distribute Android malware. These websites, hosted on newly registered domains, create a façade of credible application installation pages, enticing victims with…
Threat Actors Manipulate Search Results to Lure Users to Malicious Websites
Cybercriminals are increasingly exploiting search engine optimization (SEO) techniques and paid advertisements to manipulate search engine results, pushing malicious websites to the top where unsuspecting users are likely to click. In recent years, this tactic, often known as SEO poisoning…
RansomHub Ransomware Group Hits 84 Organizations as New Threat Actors Emerge
The RansomHub ransomware group has emerged as a significant danger, targeting a wide array of industries across the globe. In March 2025, this group alone managed to compromise 84 organizations, while new groups like Arkana and CrazyHunter have introduced sophisticated…
HelloKitty Ransomware Returns, Launching Attacks on Windows, Linux, and ESXi Environments
Security researchers and cybersecurity experts have recently uncovered new variants of the notorious HelloKitty ransomware, signaling its resurgence with attacks targeting Windows, Linux, and ESXi environments. HelloKitty ransomware, initially appearing in October 2020 as a fork of DeathRansom, has evolved…
Sapphire Werewolf Enhances Toolkit With New Amethyst Stealer to Attack Energy Companies
Cybersecurity experts have detected a sophisticated campaign targeting energy sector companies, as the threat actor known as Sapphire Werewolf deploys an enhanced version of the Amethyst stealer malware. The campaign represents a significant evolution in the group’s capabilities, featuring advanced…
Insights from a Tech Leader: Interview with TD Bank’s Chief Architect Licenia Rojas
In this captivating interview, host Jim Love sits down with Licenia Rojas, Senior Vice President and Chief Architect at TD Bank. They discuss Licenia’s journey in the technology sector, the importance of mentorship, and the role of continuous learning in…
Hackers Exploiting Domain Controller to Deploy Ransomware Using RDP
Microsoft has recently uncovered a sharp rise in ransomware attacks exploiting domain controllers (DCs) through Remote Desktop Protocol (RDP), with the average attack costing organizations $9.36 million in 2024. These sophisticated campaigns aim to cripple enterprises by encrypting critical systems…
Active Directory Attack Kill Chain Checklist & Tools List- 2025
The “Active Directory Kill Chain Attack & Defense” concept is a structured approach to understanding the sequence of events or stages involved in an Active Directory (AD) attack and the corresponding defensive measures to counteract or prevent such attacks. Microsoft…