Month: July 2025
9 posts
Weekly Top 10: 07.21.2025: Hackers Use GitHub to Host Malware Payload; Critical Cisco Zero-Day Allows Root Access Without Password; Google Patches Chrome Zero-Day Used for Sandbox Escape, and More.
Hackers Use GitHub to Host Malware Payload; Critical Cisco Zero-Day Allows Root Access Without Password; Google Patches Chrome Zero-Day Used for Sandbox Escape and 7 More.
Web of Influence: How Scattered Spider Is Intensifying Its Attacks
With attack sectors ranging from hospitality to finance and telecommunications, Scattered Spider has launched a wide net of…
The Necessity of Real-Time AI Playbook Updates
Threat teams are staying on high alert because AI-powered threat campaigns are becoming more common. Updated playbooks, also known as runbooks, are essential for these teams. Currently, they face the risk of falling behind.
Innovator Series EP10: Kevin Tian of Doppel
In this episode of the Innovator Series, we speak with Kevin Tian of Doppel, the Silicon Valley startup…
Weekly Top 10: 07.14.2025: DoNot APT Group Targets European Government Entities; McDonald’s AI Hiring System Exposed 64 Million Applicants; Malicious Browser Extensions Infect 2.3 Million Users, and More.
DoNot APT Group Targets European Government Entities; McDonald's AI Hiring System Exposed 64 Million Applicants; Malicious Browser Extensions Infect 2.3 Million Users, and 7 more.
Strengthening Identity Proofing in the Age of AI Voice Generators
In the age of artificial intelligence, identity and trust are critical. But businesses must find the balance between risk and trust.
Weekly Top 10: 07.07.2025: 600,000 WordPress Sites Affected by Arbitrary File Deletion Vulnerability; FoxyWallet: 40+ Malicious Firefox Extensions Exposed; Filefix Part 2: Social Engineering via HTML Applications, and More.
600,000 WordPress Sites Affected by Arbitrary File Deletion Vulnerability; FoxyWallet: 40+ Malicious Firefox Extensions Exposed; Filefix Part 2: Social Engineering via HTML Applications
The State of Cyber Espionage in 2025—Part 2
In Part 2 of our series on Cyber Espionage, Elise Manna-Browne expands on techniques for recruiting a spy, and just how easy it can be to weaponize a human asset in 2025.
The State of Cyber Espionage in 2025—Part 1
It's mid 2025 and the modern cybersecurity landscape is starting to resemble the plot of a spy thriller—more activity is being attributed not just to remote nation-state actors, but human assets recruited to penetrate the office perimeter in-person with the goal of exfiltrating data.