Daily Security Review

Multi-Stage Phishing Attacks Now Use Google Infrastructure—Here’s How

02 Jun 2025

Contributed by Lukas

Recent phishing campaigns have entered a new phase—one where trust is weaponized. In this episode, we break down how cybercriminals are exploiting l...

Inside the AVCheck Takedown: How Law Enforcement Disrupted a Key Cybercrime Tool

02 Jun 2025

Contributed by Lukas

In this episode, we unpack the international takedown of AVCheck, one of the largest counter antivirus (CAV) services used by cybercriminals to test a...

ConnectWise Breach: Nation-State Exploits CVE-2025-3935 in ScreenConnect

30 May 2025

Contributed by Lukas

ConnectWise has confirmed a cyberattack targeting ScreenConnect, its remote access solution used by thousands of Managed Service Providers (MSPs). The...

Browser vs. GPU: Firefox 139 Collides with NVIDIA Drivers

30 May 2025

Contributed by Lukas

In this episode, we dive into the graphical corruption saga triggered by Firefox version 139, released on May 27, 2025. Aimed at uncovering what went ...

Unbound Raises $4M to Secure Generative AI in the Enterprise

30 May 2025

Contributed by Lukas

In this episode, we break down the recent $4 million seed funding round for Unbound, a startup tackling one of the biggest unsolved problems in enterp...

Windows Updates, Reimagined: Inside Microsoft’s Unified Orchestration Push

29 May 2025

Contributed by Lukas

Microsoft is taking direct aim at one of the biggest pain points in the Windows ecosystem: update fragmentation. In this episode, we dive deep into th...

Systemd as a Weapon: How PumaBot Exploits Linux Persistence

29 May 2025

Contributed by Lukas

Linux systems are under siege—particularly in the world of IoT and internet-exposed servers. In this episode, we dissect PumaBot, a new GoLang-based...

The LexisNexis Breach: 364,000 Records Exposed via GitHub

29 May 2025

Contributed by Lukas

On December 25, 2024, while most businesses were offline, a serious data breach struck LexisNexis Risk Solutions—exposing the personal data of over ...

Ransomware Hits MathWorks: Week-Long Outage Disrupts Millions

28 May 2025

Contributed by Lukas

On this episode, we dissect the ransomware attack that brought MathWorks—a cornerstone software provider for engineers, scientists, and educators—...

Zscaler Acquires Red Canary: What It Means for AI-Powered Security Operations

28 May 2025

Contributed by Lukas

The cybersecurity market is booming, projected to triple in size from $215 billion in 2025 to $697 billion by 2035. This explosive growth is being fue...

DragonForce Breaches MSPs via SimpleHelp Flaws: Inside CVE-2024-57726

28 May 2025

Contributed by Lukas

In this episode, we unpack a critical supply chain breach that’s rattled the cybersecurity world: the exploitation of multiple zero-day vulnerabilit...

Fentanyl, Firearms, and $200M in Crypto: Dark Web Crime Meets Global Law Enforcement

27 May 2025

Contributed by Lukas

This episode dives deep into Operation RapTor, one of the largest international crackdowns on dark web crime to date. We analyze how coordinated law e...

Marlboro-Chesterfield Pathology Ransomware Breach: 235,000 Patients Affected

27 May 2025

Contributed by Lukas

In this episode, we take a deep dive into the recent Marlboro-Chesterfield Pathology (MCP) ransomware attack—one of the most significant healthcare ...

How Infostealers Like Stealc Use TikTok Accounts to Exfiltrate Stolen Data

27 May 2025

Contributed by Lukas

In this episode, we dive deep into the underground cybercrime ecosystem powering the surge of modern infostealers—Stealc, Vidar, and LummaC2. These ...

The Great Screenshot Scandal: Microsoft Recall and Signal’s DRM Shield

26 May 2025

Contributed by Lukas

In this episode, we dive deep into the growing tension between AI innovation and data privacy through the lens of a major controversy: Microsoft’s W...

Bumblebee Malware Returns: IT Pros Targeted Through SEO Poisoning and Typosquatting

26 May 2025

Contributed by Lukas

In this episode, we break down the resurgence of the Bumblebee malware loader and its latest distribution method: blackhat SEO campaigns and trojanize...

FBI Warns of Luna Moth Tactics: Inside the Silent Ransom Group’s Law Firm Attacks

26 May 2025

Contributed by Lukas

In this episode, we dive into the evolving tactics of the Silent Ransom Group (SRG)—also known as Luna Moth—a cybercriminal outfit that has shifte...

Trust Exploited: Unpacking the macOS Malware Attacking Ledger Wallets

23 May 2025

Contributed by Lukas

A growing cyber threat is targeting macOS users who rely on Ledger cold wallets to secure their cryptocurrency. In this episode, we dissect the anti-L...

$21M Seized and DanaBot, Qakbot, and Bumblebee Disrupted in Operation Endgame Takedown

23 May 2025

Contributed by Lukas

In this episode, we break down the latest and most impactful phase of Operation Endgame, the international law enforcement campaign targeting the back...

From TikTok to Total Compromise: The Rise of Social Media Infostealers

23 May 2025

Contributed by Lukas

In this episode, we dive into the alarming surge of infostealer malware campaigns leveraging social media platforms, particularly TikTok, as their dis...

Kettering Health Breached: What the Interlock Ransomware Group Did and Why It Matters

22 May 2025

Contributed by Lukas

In this episode, we dive into the ransomware attack that struck Kettering Health, a major healthcare provider, and the evolving tactics of the Interlo...

Deepfake Threats, Mobile Biometrics, and the Future of Trust

22 May 2025

Contributed by Lukas

As digital deception evolves, so must our defenses. In this episode, we dive deep into the escalating battle for trust in our increasingly connected w...

119,000 ICS Devices Exposed: The Internet’s Hidden Infrastructure Risk

22 May 2025

Contributed by Lukas

In this episode, we dive into a growing cybersecurity crisis: the exposure of Industrial Control Systems (ICS) on the public internet. These systems p...

Arla Foods Upahl Site Hit by Cyberattack—What It Means for Food Supply Chains

20 May 2025

Contributed by Lukas

In May 2025, a cyberattack disrupted operations at Arla Foods’ major dairy facility in Upahl, Germany—halting skyr production, impacting local IT ...

Bypassing Antivirus: What Defendnot Reveals About the Weak Spots in Windows Security

20 May 2025

Contributed by Lukas

In this episode, we dissect one of the most advanced Windows security evasion tools released in recent memory: Defendnot. Designed to exploit undocume...

BreachRx Raises $15M to Automate the Chaos of Incident Response

20 May 2025

Contributed by Lukas

In this episode, we dive into BreachRx’s $15 million Series A raise — and what it means for the future of enterprise cybersecurity incident respon...

110,000+ Records Compromised: The NRS Cybersecurity Failure

19 May 2025

Contributed by Lukas

In this episode, we unpack the 2024 cybersecurity incident that rocked the debt collection and healthcare sectors: the massive data breach at Nationwi...

CISA Flags Chrome Vulnerability CVE-2025-4664: Patch Before June 5th

19 May 2025

Contributed by Lukas

In this episode, we break down the recently discovered and actively exploited Chrome vulnerability CVE-2025-4664—a high-severity flaw stemming from ...

483,000 Patients at Risk: Catholic Health Vendor Breach Exposes Critical Data

19 May 2025

Contributed by Lukas

In this episode, we dive deep into a newly disclosed healthcare data breach affecting over 483,000 patients of Catholic Health, stemming from a miscon...

Chrome's New Vulnerability CVE-2025-4664: A Security Flaw That Can Lead to Account Takeover

16 May 2025

Contributed by Lukas

In this episode, we take an in-depth look at the newly discovered CVE-2025-4664 vulnerability in Google Chrome’s Loader component. This high-severit...

Scattered Spider Targets UK and US Retailers: The Growing Threat to Major Brands

16 May 2025

Contributed by Lukas

In this episode, we dive deep into the recent wave of cyberattacks plaguing major UK retailers such as Marks & Spencer, Co-op, and Harrods, with a...

Proofpoint Acquires Hornetsecurity for $1B: A New Era in Microsoft 365 Security

16 May 2025

Contributed by Lukas

 In a major move within the cybersecurity space, Proofpoint has announced the acquisition of Hornetsecurity for over $1 billion. This deal significan...

Exploited in the Wild: SAP NetWeaver Zero-Days Hit Fortune 500

14 May 2025

Contributed by Lukas

In this episode, we dive into the active exploitation of two critical zero-day vulnerabilities in SAP NetWeaver—CVE-2025-31324 and CVE-2025-42999. T...

Checkout Chaos: Inside the £3.5 Million-a-Day M&S Cyber-Shutdown

14 May 2025

Contributed by Lukas

The recent ransomware attack on Marks & Spencer (M&S) is a sobering example of the evolving cyber threat landscape confronting the retail indu...

Targeted iOS Attacks: The Zero-Days Apple Had to Patch Fast

14 May 2025

Contributed by Lukas

In this episode, we break down Apple’s massive May 2025 security update blitz—a sweeping patch release that spanned iOS, macOS, iPadOS, tvOS, visi...

Texas vs Google: The $1.4 Billion Wake-Up Call for Data Privacy Violations

13 May 2025

Contributed by Lukas

In this episode, we unpack the groundbreaking $1.4 billion privacy settlement between Google and the state of Texas—now the largest of its kind in U...

Marbled Dust's Zero-Day Exploit: Unveiling a Türkiye-linked Espionage Campaign Against Kurdish Forces

13 May 2025

Contributed by Lukas

In April 2024, a sophisticated cyber espionage campaign orchestrated by the Türkiye-linked hacker group, Marbled Dust, began exploiting a previously ...

TeleMessage Exploit: Inside the Messaging Flaw That Hit Coinbase and CBP

13 May 2025

Contributed by Lukas

In this episode, we dissect CVE-2025-47729, a critical vulnerability in TeleMessage, a message archiving app recently thrust into the spotlight due to...

Backdoored by ‘Cheap’ AI: How Fake npm Packages Compromised Cursor IDE

12 May 2025

Contributed by Lukas

A new supply chain attack has emerged—this time targeting macOS users of the Cursor AI code editor through rogue npm packages. In this episode, we b...

160,000 Victims Later: The Aspire USA Breach Under Valsoft’s Watch

12 May 2025

Contributed by Lukas

In this episode, we break down the February 2025 data breach that hit Valsoft Corporation, operating under the name AllTrust, through its subsidiary A...

rand-user-agent: The NPM Package That Opened a Backdoor

12 May 2025

Contributed by Lukas

In this episode, we break down the recent compromise of the rand-user-agent NPM package—an attack that quietly turned a once-trusted JavaScript libr...

PipeMagic, Procdump, and Privilege Escalation: Tracking the Windows CLFS Exploit Chain

08 May 2025

Contributed by Lukas

A zero-day vulnerability in the Windows Common Log File System (CLFS), tracked as CVE-2025-29824, became the center of a global cybersecurity storm wh...

Pegasus Spyware, WhatsApp v. NSO Group, and the Global Battle for Data Privacy

08 May 2025

Contributed by Lukas

In this episode, we dive deep into the legal, technical, and geopolitical implications of the U.S. court ruling in WhatsApp v. NSO Group—a landmark ...

How CodeAnt AI is Automating Code Reviews for 50+ Dev Teams

08 May 2025

Contributed by Lukas

AI tools are generating more code than ever — but who’s reviewing it? In this episode, we spotlight CodeAnt AI, the fast-growing platform built to...

The Langflow Breach: How a Popular AI Tool Opened the Door to Hackers

07 May 2025

Contributed by Lukas

A newly disclosed zero-day vulnerability, CVE-2025-3248, is being actively exploited in the wild—and it's targeting Langflow, a popular open-source ...

Mirai Reloaded: Why CVE-2024-7399 Still Haunts Samsung Servers

07 May 2025

Contributed by Lukas

In this episode, we break down the active exploitation of CVE-2024-7399, a critical path traversal and arbitrary file upload vulnerability in Samsung ...

CVE-2025-31324: A Critical SAP Zero-Day in Active Exploitation

07 May 2025

Contributed by Lukas

A critical zero-day vulnerability — CVE-2025-31324 — is shaking the enterprise tech world. In this episode, we dive deep into the alarming exploi...

Another Day, Another Commvault Zero-Day: RCE, Path Traversal, and KEV Inclusions

06 May 2025

Contributed by Lukas

In this episode, we break down the anatomy of some of the most critical vulnerabilities threatening enterprise systems in 2025 — and the real-world ...

Kelly Benefits Breach: What 413,000 Exposed Records Teach Us About Cybersecurity

06 May 2025

Contributed by Lukas

In this episode, we dive deep into the massive data breach at Kelly Benefits, a payroll and benefits administrator that exposed the sensitive personal...

$491M Budget Cut: The White House Move That Could Reshape CISA

06 May 2025

Contributed by Lukas

 In this episode, we unpack the rising tensions surrounding the Cybersecurity and Infrastructure Security Agency (CISA) as it faces proposed budget c...

TikTok Fined €530M: GDPR Breach Over Data Transfers to China

05 May 2025

Contributed by Lukas

The Irish Data Protection Commission (DPC) has fined TikTok a staggering €530 million ($601 million) for violating the GDPR by transferring European...

Endor Labs Raises $93M to Cut AppSec Noise and Secure the Software Supply Chain

05 May 2025

Contributed by Lukas

In this episode, we explore the security challenges of the AI-driven software era and how Endor Labs is reshaping application security for the modern ...

CVE-2025-3928: How One Vulnerability Breached Commvault’s Azure Stack

05 May 2025

Contributed by Lukas

In this episode, we take a deep dive into CVE-2025-3928—a critical vulnerability in the Commvault Web Server that enables remote attackers to deploy...

Nova Scotia Power, a Canadian Utility, Breached: A Global Warning for Critical Infrastructure

02 May 2025

Contributed by Lukas

On April 25, 2025, Nova Scotia Power, the province’s primary electricity provider, confirmed what many suspected: a cyber incident involving unautho...

SentinelOne Discloses Ongoing Attacks by Nation-State Hackers and Ransomware Gangs

02 May 2025

Contributed by Lukas

In a rare move, SentinelOne has publicly confirmed that it is under persistent attack from nation-state threat actors and ransomware gangs. This episo...

OpenEoX and the Future of End-of-Life Standardization in IT

02 May 2025

Contributed by Lukas

In this episode, we unpack the evolving landscape of Product Lifecycle Management (PLM) and why it's become a strategic cornerstone in modern IT envir...

LayerX Secures $45M Total to Battle Data Leaks, One Browser at a Time

30 Apr 2025

Contributed by Lukas

LayerX just raised another $11 million — and it’s not to build another antivirus. With $45 million in total funding, the company is betting that y...

$10.5M to Fight AI-Phishing: The Rise of Pistachio’s Cybersecurity Training Platform

30 Apr 2025

Contributed by Lukas

In this episode, we dive into the story of Pistachio, the Norwegian cybersecurity startup that just raised $7 million in new funding—bringing its to...

AirBorne: How a Zero-Click Bug Threatens Millions of Apple and Third-Party Devices

30 Apr 2025

Contributed by Lukas

In this episode, we dive deep into AirBorne — a critical set of vulnerabilities in Apple’s AirPlay protocol and SDK, recently uncovered by securit...

The Silent Majority: Why 51% of Internet Traffic Is Now Bots

29 Apr 2025

Contributed by Lukas

The bots have taken over—and they’re not just crawling your website. In this episode, we dig into the alarming reality that automated bots now gen...

From 1,382 to 4 Million: What VeriSource Didn’t Know (or Say)

29 Apr 2025

Contributed by Lukas

In this episode, we investigate the massive data breach at VeriSource Services, Inc. (VSI), a Houston-based HR outsourcing and employee benefits admin...

Actively Exploited: Commvault Web Shells, Active! mail RCE, and Brocade Code Injection Now in KEV

29 Apr 2025

Contributed by Lukas

Three actively exploited vulnerabilities—CVE-2025-42599 (Qualitia Active! mail), CVE-2025-3928 (Commvault Web Server), and CVE-2025-1976 (Broadcom B...

Hard-Coded Havoc: The Fatal Flaws in Planet’s Network Devices

28 Apr 2025

Contributed by Lukas

A wave of critical vulnerabilities in Planet Technology’s industrial switches and network management systems could let attackers hijack devices, ste...

Craft CMS Crisis: The 10.0-Rated RCE Flaw Every Developer Must Patch Now

28 Apr 2025

Contributed by Lukas

A critical, actively exploited vulnerability (CVE-2025-32432) is wreaking havoc on Craft CMS—allowing attackers to execute arbitrary PHP code on unp...

Policy Puppetry: How a Single Prompt Can Trick ChatGPT, Gemini & More Into Revealing Secrets

28 Apr 2025

Contributed by Lukas

Recent research by HiddenLayer has uncovered a shocking new AI vulnerability—dubbed the "Policy Puppetry Attack"—that can bypass safety guardrails...

Lazarus Strikes Again: Inside Operation SyncHole and the 1-Day Exploitation Crisis

25 Apr 2025

Contributed by Lukas

In this episode, we break down the most urgent cybersecurity developments from late April 2025—including the Lazarus Group’s high-profile “Opera...

OAuth Phishing and Microsoft 365: The Hidden Threats SMBs Can't Ignore

25 Apr 2025

Contributed by Lukas

In this episode, we dissect the real-world challenges of securing Microsoft 365 environments—especially for small and medium-sized businesses—amid...

Why Outlook Is Eating Your CPU — And What Microsoft Says About It

25 Apr 2025

Contributed by Lukas

Microsoft has acknowledged a serious issue affecting users of classic Outlook for Windows: CPU usage spikes up to 50% just from typing emails. First a...

Trojan Map App: Spyware Targets Russian Soldiers via Alpine Quest

24 Apr 2025

Contributed by Lukas

A newly discovered Android spyware campaign is targeting Russian military personnel by weaponizing a popular mapping app. Disguised as a cracked versi...

Blue Shield Breach: 4.7 Million Health Records Leaked via Google Analytics

24 Apr 2025

Contributed by Lukas

Blue Shield of California has confirmed a data breach affecting 4.7 million members—caused not by hackers, but by a misconfigured Google Analytics s...

$16.6 Billion Lost: The True Cost of Cybercrime in America

24 Apr 2025

Contributed by Lukas

Cybercrime in the U.S. has reached new, record-breaking heights.In this episode, we dive deep into the FBI's 2024 Internet Crime Complaint Center (IC3...

The Second Scam: FBI Warns of IC3 Impersonators Targeting Fraud Victims

22 Apr 2025

Contributed by Lukas

The FBI has issued a stark warning about a growing scam targeting individuals who’ve already been victimized. In this episode, we unpack how fraudst...

Inside the Breach: What Recent Cyberattacks Reveal About Your Data Security

16 Apr 2025

Contributed by Lukas

Cyberattacks are no longer rare shocks—they're a constant drumbeat in the background of our digital lives. In this episode, we take you on a deep di...

Inside Security News : GitHub Supply Chain Attacks, Ransomware Defense, and Cloud Security

15 Apr 2025

Contributed by Lukas

In this deep-dive episode, we untangle some of today’s most critical cybersecurity threats—from GitHub’s complex quadruple supply chain attack t...

Next.js Security Vulnerability: Middleware Bypass (CVE-2025-29927)

14 Apr 2025

Contributed by Lukas

Is your web app truly secure? In this episode, we break down a critical NextJS vulnerability (CVE-2025-29927) that could allow attackers to bypass aut...

Cyberattack Roundup: Lessons from the Latest Breaches & Ransomware Strikes

26 Mar 2025

Contributed by Lukas

From data breaches at major banks to ransomware crippling healthcare and tech companies, cyber threats are hitting harder than ever. In this episode, ...

Mastering Incident Response: A Guide to Building a Resilient Plan

26 Mar 2025

Contributed by Lukas

Cyber threats are inevitable, but a strong incident response plan can make all the difference. In this episode, we explore the essential steps for cre...

No More Warnings? The Risks of Losing CIPAC’s Cyber Threat Coordination

20 Mar 2025

Contributed by Lukas

The Department of Homeland Security (DHS) has abruptly shut down the Critical Infrastructure Partnership Advisory Council (CIPAC), the central hub for...

517,000 Victims: How a Ransomware Gang Targeted Pennsylvania’s Largest Educators’ Union

20 Mar 2025

Contributed by Lukas

Over 517,000 individuals are now at risk after the Pennsylvania State Education Association (PSEA) suffered a massive data breach in July 2024—claim...

DollyWay: The 8-Year WordPress Malware Campaign Infecting 20,000 Sites

20 Mar 2025

Contributed by Lukas

For nearly a decade, a malware campaign dubbed DollyWay has silently compromised over 20,000 WordPress websites, evolving from a ransomware and bankin...

MegaRAC CVE-2024-54085 Vulnerability: Critical BMC Flaw Threatening Data Centers

19 Mar 2025

Contributed by Lukas

A newly discovered critical vulnerability (CVE-2024-54085) in AMI’s MegaRAC Baseboard Management Controller (BMC) software puts thousands of servers...

Microsoft Windows March Update Wipes Out Copilot

19 Mar 2025

Contributed by Lukas

Microsoft’s latest Windows 10 and 11 updates (KB5053598 and KB5053606) have accidentally uninstalled Copilot, the AI assistant, from some users' sys...

Hackers Flip the Script: How a Fake Coinbase Email Could Empty Your Wallet

18 Mar 2025

Contributed by Lukas

A new and incredibly deceptive phishing campaign is targeting Coinbase users—but this isn’t your typical scam. Instead of stealing your recovery p...

Brute-Force on Autopilot: Black Basta’s 'BRUTED' VPN Tool for Ransomware Expansion

17 Mar 2025

Contributed by Lukas

Black Basta, one of the most notorious ransomware gangs, has taken brute-force attacks to the next level with BRUTED—an automated framework designed...

GitHub Action Hijacked: The Supply Chain Attack That Exposed 23,000 Repositories

17 Mar 2025

Contributed by Lukas

In this episode, we unpack a major supply chain attack that compromised the widely used GitHub Action ‘tj-actions/changed-files’, affecting over 2...

Brave Browser Review 🎯 How Safe is This Web Browser? (2025)

17 Mar 2025

Contributed by Lukas

Bridging the Gap: Developers vs. Security in the Cloud

14 Mar 2025

Contributed by Lukas

In this episode of The Deep Dive, we explore the ongoing tension between development and security teams in cloud environments. While developers priori...

Exploring the Dark Web: Unveiling the Hidden Internet 🌐💻

13 Mar 2025

Contributed by Lukas

Ever wondered what lies beneath the surface of the internet? 🤔 In this deep dive, we uncover the mysteries of the Dark Web—a hidden part of the i...

Security vulnerabilities: Key Steps for secure Workflows

12 Mar 2025

Contributed by Lukas

Ever wondered how sensitive credentials—like API keys, passwords, and certificates—end up scattered across your systems? 🤔 This hidden cybersec...

The Hidden Threat of Wi-Fi Tracking: How Your Devices Reveal Your Location

12 Mar 2025

Contributed by Lukas

Did you know your phone is constantly mapping Wi-Fi hotspots around you—even when you're not using GPS? In this deep dive, we uncover the unsettling...

Zero Trust & Data Security: The Future of Protecting Government Information

11 Mar 2025

Contributed by Lukas

In this episode, we dive into a crucial topic—data security for government agencies. With evolving cyber threats, traditional security measures no l...

Japanese telco NTT Communications hacked hackers accessed details of almost 18,000 organizations

10 Mar 2025

Contributed by Lukas

panese telecommunications giant NTT Communications Corporation (NTT Com) has disclosed a data breach affecting information from nearly 18,000 corporat...

1 Million Devices Hit: Inside the Massive Malvertising Campaign

07 Mar 2025

Contributed by Lukas

A massive malvertising campaign has compromised one million devices worldwide, using malicious ads on illegal streaming websites to distribute malware...

Inside the $635K Taylor Swift Ticket Heist: Cybercrime, Loopholes, and Insider Threats

07 Mar 2025

Contributed by Lukas

A cybercrime operation involving the theft and resale of $635,000 worth of concert tickets—primarily for Taylor Swift’s Eras Tour—has been uncov...

Silk Typhoon Strikes: From Direct Breaches to Stealthy Supply Chain Attacks

06 Mar 2025

Contributed by Lukas

In this episode, we take an in-depth look at Silk Typhoon, the Chinese state-sponsored cyber espionage group that’s radically shifting its tactics. ...

Tracking Stingrays: How Rayhunter Shields Your Mobile Privacy

06 Mar 2025

Contributed by Lukas

In this episode, we dive into Rayhunter—an open source tool from the EFF designed to detect Stingray devices (cell-site simulators) that compromise ...

AI-Generated Video of YouTube's CEO Used In Phishing Attack

05 Mar 2025

Contributed by Lukas

BackConnect, Microsoft Teams, & Social Engineering—How Ransomware is Adapting

05 Mar 2025

Contributed by Lukas

The ransomware landscape is shifting, and Black Basta and Cactus are at the center of it. In this episode, we break down the connections between these...

OnlyFans Cyberattacks: Fake CAPTCHAs and Malware Distribution Threaten Users

04 Mar 2025

Contributed by Lukas

Cyberattacks are increasingly targeting OnlyFans users through sophisticated phishing schemes. These attacks leverage fake Cloudflare CAPTCHAs to tric...

9 Million Downloads, Now Banned: VSCode Extensions Under Fire

27 Feb 2025

Contributed by Lukas

In a shocking move, Microsoft has banned the popular Material Theme – Free and Material Theme Icons – Free extensions from the Visual Studio Marke...