Dell Technologies has issued a critical security advisory warning customers about multiple vulnerabilities in its Secure Connect Gateway (SCG) product that could potentially lead to system compromise. The vulnerabilities affect versions prior to 5.28.00.14 and require immediate attention from system administrators. According to Dell’s advisory, two newly identified vulnerabilities specific to Dell’s proprietary code include: […]
The Babuk2 ransomware group has been caught issuing extortion demands based on false claims and recycled data from previous breaches. This revelation comes from recent investigations conducted by the Halcyon RISE Team, shedding light on a concerning trend in the world of cybercrime. The Babuk2 group, also known as Babuk-Bjorka, has been making waves with […]
Kali Linux, the widely acclaimed cybersecurity-focused distribution, has officially unveiled its latest release, Kali Linux 2025.1a. This update not only significantly enhances desktop environments but also introduces exciting new tools and improvements tailored for cybersecurity professionals and enthusiasts. The release, available for download or upgrade, builds upon existing features to provide a more streamlined user experience. The “a” in 2025.1a indicates a […]
Moving Beyond Detection to Real-Time, Automated Security Across Workloads, Cloud, and Infrastructure SecPod, a global cybersecurity provider, has announced the General Availability of Saner Cloud, a Cloud-Native Application Protection Platform designed to provide automated remediation and workload security across multi-cloud environments. Unlike conventional security solutions that focus primarily on detection, Saner Cloud integrates security using […]
Cybersecurity experts have identified a persistent trend of threat actors exploiting legitimate remote monitoring and management (RMM) software to infiltrate networks, maintain access, and facilitate lateral movement. These legitimate tools, which are typically used by IT administrators for system maintenance and support, provide attackers with powerful capabilities that often evade traditional security measures due to […]
ANY.RUN, the interactive malware analysis platform has announced full support for Android OS in its cloud-based sandbox environment, enabling security teams to investigate Android malware with unprecedented accuracy and efficiency. With this new feature, ANY.RUN allows Security Operations Center (SOC) teams, incident responders, and threat hunters to analyze Android threats in a real ARM-based sandbox. […]
A sophisticated attack employing Legacy Driver Exploitation technique has emerged as a significant cybersecurity threat, according to a recent security report. The attack, first documented in June 2024 by CheckPoint-Research (CPR), primarily focuses on remotely controlling infected systems using GhOstRAT malware while evading detection mechanisms. The threat actors distribute malware through phishing sites and messaging […]
California Cryobank LLC, one of America’s largest sperm donor repositories, has confirmed a significant data breach that exposed sensitive customer information. The cyber intrusion, which occurred on April 20, 2024, but remained undetected until October 4, 2024, has triggered mandatory breach notifications to affected individuals across multiple states, with formal notices sent to customers on […]
Password reuse continues to be one of the most significant security vulnerabilities in 2025, with alarming new data showing nearly half of all successful website logins involve previously exposed credentials. This widespread practice of recycling passwords across multiple services creates a cascading security risk that affects millions of users daily, even as awareness about online […]
A sophisticated attack vector dubbed “MalDoc in PDF” allows threat actors to bypass traditional security scanning by embedding malicious Word documents into PDF files. This technique, observed in attacks dating back to July, enables macros to execute when victims open what appears to be standard documents, potentially compromising systems while evading detection from common security […]
