A high-severity security flaw has been disclosed in ServiceNow’s platform that, if successfully exploited, could result in data exposure and exfiltration. The vulnerability, tracked as CVE-2025-3648 (CVSS score: 8.2), has been described as a case of data inference in Now Platform through conditional access control list (ACL) rules. It hasRead More »ServiceNow Flaw CVE-2025-3648 Could Lead to Data Exposure via Misconfigured ACLs

The Initial Access Broker (IAB) known as Gold Melody has been attributed to a campaign that exploits leaked ASP.NET machine keys to obtain unauthorized access to organizations and peddle that access to other threat actors. The activity is being tracked by Palo Alto Networks Unit 42 under the moniker TGR-CRI-0045,Read More »Gold Melody IAB Exploits Exposed ASP.NET Machine Keys for Unauthorized Access to Targets

A threat actor based in Pakistan (APT36) has engaged in a sophisticated cyber-espionage campaign.

New research delves into the state of operational technology (OT) cybersecurity. 

A threat actor with suspected ties to India has been observed targeting a European foreign affairs ministry with malware capable of harvesting sensitive data from compromised hosts. The activity has been attributed by Trellix Advanced Research Center to an advanced persistent threat (APT) group called DoNot Team, which is alsoRead More »DoNot APT Expands Operations, Targets European Foreign Ministries with LoptikMod Malware

The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) on Tuesday sanctioned a member of a North Korean hacking group called Andariel for their role in the infamous remote information technology (IT) worker scheme. The Treasury said Song Kum Hyok, a 38-year-old North Korean national with anRead More »U.S. Sanctions North Korean Andariel Hacker Behind Fraudulent IT Worker Scheme