Cybersecurity researchers have uncovered a concerning cache of hacking tools, including SuperShell payloads and Cobalt Strike beacons, exposed in plain sight within open directories on the internet. This discovery highlights how threat actors sometimes inadvertently expose their arsenal while setting…
Category: EN
Netwrix boosts identity and data security for Microsoft environments
Netwrix unveiled new solutions and capabilities across its 1Secure SaaS platform. Its new Data Security Posture Management (DSPM) solution identifies and eliminates data exposures within Microsoft 365 environments and will be available in May. Netwrix also announced new risk assessment…
Arctic Wolf launches Cipher to enhance security investigations with AI insights
Arctic Wolf has introduced Cipher, an AI security assistant that provides customers with self-guided access to deeper security insights directly within the Arctic Wolf Aurora Platform. Cipher enhances investigations and alert comprehension by delivering instant answers, contextual enrichment, and actionable…
DeepMind UK Staff ‘Seek Unionisation’ To Challenge Military Deals
About 300 DeepMind UK staff seek unionisation to challenge Google’s renewed pursuit of military, surveillance AI deals, FT reports This article has been indexed from Silicon UK Read the original article: DeepMind UK Staff ‘Seek Unionisation’ To Challenge Military Deals
Critical Linux Kernel Flaw (CVE-2025-21756) Allows Privilege Escalation
A newly disclosed vulnerability in the Linux kernel, tracked as CVE-2025-21756 and dubbed “Attack of the Vsock,” has sent ripples through the cybersecurity community. The flaw enables attackers to escalate privileges to root, potentially gaining full control over affected Linux systems. According…
Lumu SecOps Platform allows teams to unify their entire security stack
Lumu released Lumu SecOps Platform, a fully integrated Security Operations (SecOps) platform that unifies threat detection, response, automation, compliance, and intelligence across the network, identities and endpoints—delivering full attack context and enabling security teams to autonomously detect and neutralize complex…
Oasis NHI Provisioning automates the provisioning of NHIs and their credentials
Oasis Security launched Oasis NHI Provisioning, a capability that automates the creation, governance, and security of non-human identities (NHIs) from their inception. Built into the Oasis NHI Security Cloud, this solution addresses the critical challenges of fragmented processes, ungoverned sprawl,…
Uyghur software malware, DDoS jumps, 4chan back
Uyghur Language Software Hijacked to Deliver Malware Cloudflare sees a big jump in DDoS attacks 4chan back online Thanks to today’s episode sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses…
Apache Tomcat Vulnerability Let Attackers Bypass Rules & Trigger DoS Condition
The Apache Software Foundation disclosed a significant security vulnerability in Apache Tomcat that could allow attackers to bypass security rules and trigger denial-of-service conditions through manipulated HTTP priority headers. Identified as CVE-2025-31650, this high-severity vulnerability affects multiple Tomcat versions, posing…
Swiss boffins admit to secretly posting AI-penned posts to Reddit in the name of science
They’re sorry/not sorry for testing if bots can change minds by pretending to be a trauma counselor or a victim of sexual abuse Researchers from the University of Zurich have admitted to secretly posting AI-generated material to popular Subreddit r/changemyview…
Desired Effect Marketplace: Researchers Get Their Due, Defenders Get Realtime Info on Zero Days
Desired Effect, if it operates as billed, opens up a world of cutting-edge research to defenders, including zero-day vulnerability data and tailored exploit products. The post Desired Effect Marketplace: Researchers Get Their Due, Defenders Get Realtime Info on Zero Days …
Eyes, ears, and now arms: IoT is alive
I’ve never quite seen anything like this in my two decades of working in the Internet of Things (IoT) space. In just a few years, devices at home and work started including cameras to see and microphones to hear. Now,…
Behavioural economics of enterprise password management
When someone asks how you start a typical weekday, your answer likely includes the usual suspects, be it waking up, brewing coffee, or maybe even a quick scroll through the news. But almost inevitably, in the post-pandemic world where remote…
Futureproofing Enterprise Cloud Security: Navigating Cloud Key Management Complexity
In multicloud environments, where networks stretch beyond traditional private infrastructures and are accessible over the internet, protecting encryption keys is essential for achieving robust security. The post Futureproofing Enterprise Cloud Security: Navigating Cloud Key Management Complexity appeared first on Security…
What’s worth automating in cyber hygiene, and what’s not
Cyber hygiene sounds simple. Patch your systems, remove old accounts, update your software. But for large organizations, this gets messy fast. Systems number in the thousands. Teams are scattered. Some machines haven’t been rebooted in months. Automation can help. But…
Sumo Logic unveils innovations across AI, automation, and threat intelligence
Sumo Logic announced a number of new security capabilities that help organizations build and operate intelligent security operations to reduce risks, accelerate threat containment, and ensure stronger security postures. “With the rise of AI-powered attacks, dynamically scaling cloud environments, and…
Malware Attack Targets World Uyghur Congress Leaders via Trojanized UyghurEdit++ Tool
In a new campaign detected in March 2025, senior members of the World Uyghur Congress (WUC) living in exile have been targeted by a Windows-based malware that’s capable of conducting surveillance. The spear-phishing campaign involved the use of a trojanized…
Akira Ransomware attack on Hitachi Vantara Servers
Hitachi Vantara, the global technology powerhouse and a subsidiary of Japan-based Hitachi, was targeted by the notorious Akira Ransomware gang last weekend, forcing the company to take drastic measures. In a bid to contain the spread of the malware, Hitachi…
What is Slopsquatting and is it a New Emerging Cyber Threat?
In the ever-evolving landscape of cybersecurity, new types of threats are constantly emerging. One relatively new tactic that has been gaining attention is slopsquatting, a technique that cybercriminals use to exploit common human errors and vulnerabilities in domain names. But…
Massive Attack: 4,800+ IPs Used to Target Git Configuration Files
A recent surge in cyber reconnaissance has put thousands of organizations at risk after GreyNoise, a global threat intelligence platform, detected an alarming spike in attempts to access sensitive Git configuration files. Between April 20 and 21, GreyNoise observed the…