Cybersecurity researchers have shed light on a new ransomware-as-a-service (RaaS) operation called GLOBAL GROUP that has targeted a wide range of sectors in Australia, Brazil, Europe, and the United States since its emergence in early June 2025. GLOBAL GROUP was “promoted on the Ramp4u forum by the threat actor knownRead More »Newly Emerged GLOBAL GROUP RaaS Expands Operations with AI-Driven Negotiation Tools
Virtual event brings together leading experts, practitioners, and innovators for a full day of insightful discussions and tactical guidance on evolving threats and real-world defense strategies in cloud security. The post Virtual Event Preview: Cloud & Data Security Summit – Tackling Exposed Attack Surfaces in the Cloud appeared first onRead More »Virtual Event Preview: Cloud & Data Security Summit – Tackling Exposed Attack Surfaces in the Cloud
KnowBe4 released its new report highlighting cybersecurity challenges facing the manufacturing industry.
Obfuscated JavaScript code is embedded within SVG files for browser-native redirection to malicious pages. The post Threat Actors Use SVG Smuggling for Browser-Native Redirection appeared first on SecurityWeek.
Cloudflare has published its quarterly DDoS threat report for Q2 2025 and the company says it has blocked millions of attacks. The post DDoS Attacks Blocked by Cloudflare in 2025 Already Surpass 2024 Total appeared first on SecurityWeek.
Pennsylvania-based Century Support Services is disclosing a data breach after its systems were hacked in November 2024. The post Data Breach at Debt Settlement Firm Impacts 160,000 People appeared first on SecurityWeek.
A new report reveals new artifacts associated with ZuRu, an Apple macOS malware.
Governmental organizations in Southeast Asia are the target of a new campaign that aims to collect sensitive information by means of a previously undocumented Windows backdoor dubbed HazyBeacon. The activity is being tracked by Palo Alto Networks Unit 42 under the moniker CL-STA-1020, where “CL” stands for “cluster” and “STA”Read More »State-Backed HazyBeacon Malware Uses AWS Lambda to Steal Data from SE Asian Governments
AI agents promise to automate everything from financial reconciliations to incident response. Yet every time an AI agent spins up a workflow, it has to authenticate somewhere; often with a high-privilege API key, OAuth token, or service account that defenders can’t easily see. These “invisible” non-human identities (NHIs) now outnumberRead More »Securing Agentic AI: How to Protect the Invisible Identity Access
Cybersecurity researchers have charted the evolution of a widely used remote access trojan called AsyncRAT, which was first released on GitHub in January 2019 and has since served as the foundation for several other variants. “AsyncRAT has cemented its place as a cornerstone of modern malware and as a pervasiveRead More »AsyncRAT’s Open-Source Code Sparks Surge in Dangerous Malware Variants Across the Globe
