Network SecurityFCC vows to track down sanctioned Chinese telecoms banned from USShaun NicholsMarch 24, 2025U.S.-based carriers blocked from using China-based services and equipment.
RansomwareMedusa ransomware deployed via malicious Windows driverSteve ZurierMarch 24, 2025Driver with expired certificate evades EDR controls and deploys Medusa ransomware.
AI/MLNorth Korea launches hacking hub focused on artificial intelligenceShaun NicholsMarch 21, 2025"Research Center 227" reportedly focused on using AI for cyberattacks.
AI/MLPopular AI tools tricked to create malware for Chrome browserSteve ZurierMarch 21, 2025Cato Networks researchers create jailbreak method where hacking is normal in an alternate reality.
Network SecurityRooted, jailbroken mobile devices pose security risk to organizationsShaun NicholsMarch 20, 2025One out of every 1,000 devices it encounters have either been rooted (Android) or jailbroken (iOS).
Data SecurityVeeam patches critical 9.9 flaw in backup and replication productSteve ZurierMarch 20, 2025Deserialization vulnerability that could let attackers run a remote code execution (RCE).
Patch/Configuration ManagementFlaw in Windows shortcut abused by at least 11 threat groupsShaun NicholsMarch 19, 2025Attackers are making use of Windows shortcut (.lnk) files to dupe users into running malicious code on their systems.
Threat IntelligenceClearFake exploits Web3 capabilities for malware campaignLaura FrenchMarch 19, 2025The threat actor retrieves resources and payloads from smart contracts on the Binance Smart Chain.
Vulnerability ManagementGitHub Action bug allows supply chain attack; added to CISA listSteve ZurierMarch 19, 2025Affected organizations running repos in GitHub should assume compromise and rotate secrets immediately.
MalwarePhony CAPTCHA checks trick targets to download malwareShaun NicholsMarch 18, 2025Attackers use familiarity of CAPTCHA tests to dupe victims, HP reports.
5 ransomware threats facing the financial sector – and 5 ways to respondCallie Guenther March 21, 2025
