Cybersecurity researchers have lifted the lid on the threat actors’ exploitation of a now-patched security flaw in Microsoft Windows to deploy the PipeMagic malware in RansomExx ransomware attacks. The attacks involve the exploitation of CVE-2025-29824, a privilege escalation vulnerability impacting the Windows Common Log File System (CLFS) that was addressedRead More »Microsoft Windows Vulnerability Exploited to Deploy PipeMagic RansomExx Malware

While many organizations want to prioritize zero-trust, many face roadblocks to making this a reality.

Power doesn’t just disappear in one big breach. It slips away in the small stuff—a patch that’s missed, a setting that’s wrong, a system no one is watching. Security usually doesn’t fail all at once; it breaks slowly, then suddenly. Staying safe isn’t about knowing everything—it’s about acting fast andRead More »⚡ Weekly Recap: NFC Fraud, Curly COMrades, N-able Exploits, Docker Backdoors & More

GSX and ASIS International will celebrate 70 years of shaping the future of security, with New Orleans serving as the host city for this anniversary celebration.

Cybersecurity researchers have discovered a malicious package in the Python Package Index (PyPI) repository that introduces malicious behavior through a dependency that allows it to establish persistence and achieve code execution. The package, named termncolor, realizes its nefarious functionality through a dependency package called colorinal by means of a multi-stageRead More »Malicious PyPI and npm Packages Discovered Exploiting Dependencies in Supply Chain Attacks