GrayCharlie Injects Malicious JavaScript into WordPress Sites to Deliver NetSupport RAT and Stealc
A threat actor known as GrayCharlie has been compromising WordPress websites since mid-2023, silently embedding malicious JavaScript to push malware onto visiting users. ...
Cloud Based WAF Upload Scan and Control: The New Standard for File Upload Security
We’re excited to announce the launch of Upload Scan and Control, an essential new feature for Imperva Cloud WAF. This add-on tackles one of...
Shai-Hulud-Like Worm Targets Developers via npm and AI Tools
Supply chain worm mimicking Shai-Hulud malware spread via malicious npm packages, targeting AI tools has been identified by security researchers - Read more
2025: The Untold Stories of Check Point Research
Introduction Check Point Research (CPR) continuously tracks threats, following the clues that lead to major players and incidents in the threat landscape. Whether it’s...
Alert Fatigue Isn’t Going Away. Here’s How Modern SOCs Are Fighting Back
Security teams have been talking about alert fatigue for years. And yet, for many SOCs, the problem isn’t getting better. It’s getting worse.As environments...
Innovate UK cyber startup programme gets £10m funding booster
Graduates of DSIT and Innovate UK's CyberASAP scheme to commercialise cutting-edge cyber research projects have raised nearly £50m in the past decade. -...
Hacker stiehlt Daten von Tausenden RTL-Mitarbeitern
Ein Hacker hat sich Zugriff auf Mitarbeiterdaten von RTL verschafft.nitpicker – shutterstock.com Die RTL Group wurde offenbar Opfer einer Cyberattacke....
23rd February – Threat Intelligence Report
For the latest discoveries in cyber research for the week of 23rd February, please download our Threat Intelligence Bulletin.
TOP ATTACKS AND BREACHES
France’s Ministry of...
PII Pillage: How Attackers Use BitPanda to Plunder Credentials
By: Josh Varden, Cofense Phishing Defense CenterGiven cryptocurrency’s rise in popularity, it has slowly worked its way into the mainstream economy. Coins such as...
Latest article
Threat tactic spotlight: Subdomain takeover
In this blog post you’ll learn how to detect and prevent subdomain takeover – a tactic where threat actors exploit dangling DNS records to...
The Half-Life of Threat Intelligence: When Does an IOC Stop Being Useful?
The concept of the IOC — the Indicator of Compromise — sits at the operational heart of modern threat detection. Block the IP. Flag...
Best Prime Day Tech Deals: Apple, Bose, Garmin, and More
Shop early Amazon Prime Day tech deals on earbuds, mice, routers, doorbells, headphones, smartwatches, Android phones, and fitness watches.
The post Best Prime Day Tech...
SprySOCKS Backdoor Expands From Linux to Windows
China-linked SprySOCKS backdoor gains stealthy Windows variants and 30-plus C2 commands - Read more
