VulnHub

AI-Powered Cybersecurity Intelligence

Latest Intelligence

The Hacker News
The Crowded Battle: Key Insights from the 2025 State of Pentesting Report

The 2025 State of Pentesting Report highlights the challenges faced by CISOs in managing security alerts and cyber risks, revealing a complex landscape of progress and shifting strategies in the cybersecurity realm. The insights from 500 surveyed CISOs underscore the importance of adapting to evolving threats and improving response mechanisms.


Impact: Not specified

In the Wild: Unknown

Age: Recently disclosed

Remediation: None available

SecurityWeek
CloudSEK Raises $19 Million for Threat Intelligence Platform

CloudSEK, a threat protection and intelligence firm, has successfully raised $19 million in funding from a combination of new and existing investors. This funding is significant as it will enhance their threat intelligence platform, potentially improving cybersecurity measures for organizations.


Impact: Not specified

In the Wild: Unknown

Age: Unknown

Remediation: None available

SecurityWeek
O2 Service Vulnerability Exposed User Location

A vulnerability in O2's implementation of the IMS standard has led to the exposure of user location data in network responses. This issue raises significant privacy concerns for users, as their location information can be accessed through the network.


Impact: O2, IMS standard

In the Wild: Unknown

Age: Recently disclosed

Remediation: Vendor advisory pending

Vulnerability

SecurityWeek
Madhu Gottumukkala Officially Announced as CISA Deputy Director

Madhu Gottumukkala has been officially appointed as the Deputy Director of the Cybersecurity and Infrastructure Security Agency (CISA). He joins CISA from the Bureau of Information and Technology in South Dakota, marking a significant leadership change within the agency.


Impact: Not specified

In the Wild: Unknown

Age: Recently disclosed

Remediation: None available

The Hacker News
Chinese Hackers Deploy MarsSnake Backdoor in Multi-Year Attack on Saudi Organization

Chinese hackers, identified as UnsolicitedBooker, have been targeting an international organization in Saudi Arabia using a new backdoor called MarsSnake. This multi-year attack highlights the ongoing cybersecurity threats posed by state-aligned actors, emphasizing the need for robust security measures.


Impact: Not specified

In the Wild: Yes

Age: Discovered in March 2023

Remediation: None available

Phishing, Threat Actor

The Hacker News
Go-Based Malware Deploys XMRig Miner on Linux Hosts via Redis Configuration Abuse

A new cryptojacking campaign named RedisRaider is targeting publicly accessible Redis servers to deploy the XMRig miner on Linux hosts. This campaign highlights the risks associated with misconfigured Redis instances and the exploitation of legitimate commands for malicious purposes.


Impact: Redis servers, Linux systems

In the Wild: Yes

Age: Recently disclosed

Remediation: Secure Redis configurations and restrict access to prevent unauthorized exploitation.

Linux, Malware

The Hacker News
Malicious PyPI Packages Exploit Instagram and TikTok APIs to Validate User Accounts

Researchers have identified malicious packages on the Python Package Index (PyPI) that exploit TikTok and Instagram APIs to validate stolen email addresses. These packages, which have since been removed, highlight a significant security threat to users of these social media platforms.


Impact: TikTok, Instagram, Python Package Index (PyPI)

In the Wild: Yes

Age: Recently disclosed

Remediation: Packages have been removed from PyPI

Exploit, Malware

darkreading
'Operation RoundPress' Targets Ukraine in XSS Webmail Attacks

Operation RoundPress is a cyber-espionage campaign targeting Ukrainian government entities through sophisticated spear-phishing attacks that exploit XSS vulnerabilities. This highlights the ongoing threat to national security and the importance of cybersecurity measures in protecting sensitive information.


Impact: Not specified

In the Wild: Yes

Age: Recently disclosed

Remediation: Implement workarounds

Phishing, Exploit

SecurityWeek
BreachRx Lands $15 Million as Investors Bet on Breach-Workflow Software

BreachRx, a San Francisco-based startup specializing in incident response coordination, has successfully secured $15 million in a Series A funding round led by Ballistic Ventures. This investment highlights the growing interest in breach-workflow software as organizations increasingly prioritize effective incident response solutions.


Impact: Not specified

In the Wild: Unknown

Age: Unknown

Remediation: None available

darkreading
S. Dakota CIO Gottumukkala Signs on as CISA Deputy Director

S. Dakota CIO Gottumukkala has been appointed as the Deputy Director of the Cybersecurity and Infrastructure Security Agency (CISA), a significant role as the agency seeks to fill its leadership gap following the departure of its previous director, Easterly. Bridget Bean is currently serving in an acting capacity until a permanent director is appointed.


Impact: Not specified

In the Wild: No

Age: Unknown

Remediation: None available

darkreading
Legal Aid Agency Warns Lawyers, Defendants on Data Breach

The Legal Aid Agency has shut down its online service following a cyberattack, raising concerns about the security of sensitive legal data. The agency assures that individuals in need of legal assistance will still have access to necessary support despite the breach.


Impact: Not specified

In the Wild: Unknown

Age: Recently disclosed

Remediation: None available

Data Breach

WeLiveSecurity
The who, where, and how of APT attacks in Q4 2024–Q1 2025

The article discusses key findings from the ESET APT Activity Report, highlighting trends and insights into Advanced Persistent Threat (APT) attacks observed in the fourth quarter of 2024 and the first quarter of 2025. These insights are crucial for understanding the evolving landscape of cyber threats and enhancing security measures.


Impact: Not specified

In the Wild: Unknown

Age: Unknown

Remediation: None available

SecurityWeek
Printer Company Procolored Served Infected Software for Months

Procolored's public website has been compromised, serving infected software downloads that contained information stealer malware and a backdoor for several months. This significant security breach poses a risk to users who downloaded the affected software, potentially compromising their sensitive information.


Impact: Not specified

In the Wild: Yes

Age: Unknown

Remediation: Update software

Malware

The Hacker News
RVTools Official Site Hacked to Deliver Bumblebee Malware via Trojanized Installer

The official RVTools website has been compromised to distribute a malicious installer containing Bumblebee malware, impacting users of the VMware reporting utility. The company is currently working to restore their services and has taken their websites offline.


Impact: RVTools, VMware environment reporting utility

In the Wild: Yes

Age: Recently disclosed

Remediation: The company is working to restore service; users should avoid downloading from the compromised sites.

VMware, Malware

The Hacker News
Ransomware Gangs Use Skitnet Malware for Stealthy Data Theft and Remote Access

Ransomware gangs are increasingly utilizing a malware known as Skitnet to facilitate data theft and gain remote access to compromised systems. This trend, observed since early 2025, highlights the evolving tactics of cybercriminals and the need for enhanced cybersecurity measures.


Impact: Not specified

In the Wild: Yes

Age: Recently disclosed

Remediation: None available

Ransomware, Malware
