Vulnerability Management‘ClickFix’ campaign targets hospitality firms with phishing attacksShaun NicholsMarch 13, 2025A novel twist on social engineering attacks is causing havoc for hospitality providers
AI/MLResearchers use jailbreak to build functional malware via DeepSeekSteve ZurierMarch 13, 2025Tenable researchers jailbreak DeepSeek to build a keylogger and ransomware.
AI/MLHealthcare cybersecurity set for AI boom in 2025Shaun NicholsMarch 12, 2025According to a CRA survey, 50% of healthcare organizations are already using AI tools in their cybersecurity practices.
Application securityAndroid spyware ‘KoSpy’ spread by suspected North Korean APTLaura FrenchMarch 12, 2025Malicious apps previously in the Google Play Store enabled theft of messages, files and more.
Application securityXCSSET macOS malware variant targets Xcode projects of app developersSteve ZurierMarch 12, 2025XCSSET variant features enhanced stealth features that can lead to the exfiltration of sensitive financial information.
Phishing95% of data breaches involve human error, report revealsLaura FrenchMarch 11, 2025Meanwhile, employees tend to be overconfident in their ability to detect scams.
Network SecurityMicrosoft’s March Patch Tuesday fixes 67 flaws, including 6 zero-daysShaun NicholsMarch 11, 2025Microsoft addressed security vulnerabilities across its various offerings, including Windows and Office.
Vulnerability Management3 Ivanti flaws added to CISA list of known exploited vulnerabilitiesSteve ZurierMarch 11, 2025Ivanti Endpoint Manager flaws can grant unauthenticated attackers full compromise of vulnerable servers.
Penetration TestingCobalt Strike abuse by cybercriminals slashed 80%Laura FrenchMarch 10, 2025Fortra gave an update on two years of efforts to reduce abuse of its redteaming tool.
Data SecurityNew York attorney general hits Allstate with suit over data breachesShaun NicholsMarch 10, 2025The incidents occurred in 2020 and 2021, and exposed the data of 165,000 people in New York state.
