News

Kali Linux can now run in Apple containers on macOS systems

Cybersecurity professionals and researchers can now launch Kali Linux in a virtualized container on macOS Sequoia using Apple ...

Microsoft now pays up to $40,000 for some .NET vulnerabilities

Microsoft has expanded its .NET bug bounty program and increased rewards to $40,000 for some .NET and ASP.NET Core ...

Microsoft to disable Excel workbook links to blocked file types

Microsoft has announced that it will start disabling external workbook links to blocked file types by default between October ...

CISA open-sources Thorium platform for malware, forensic analysis

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) today announced the public availability of Thorium, an ...

Spikes in malicious activity precede new CVEs in 80% of cases

Researchers have found that in roughly 80% of cases, spikes in malicious activity like network reconnaissance, targeted ...

ShinyHunters behind Salesforce data theft attacks at Qantas, Allianz Life, and LVMH

A wave of data breaches impacting companies like Qantas, Allianz Life, LVMH, and Adidas has been linked to the ShinyHunters ...

Proton launches free standalone cross-platform Authenticator app

Proton has launched Proton Authenticator, a free standalone two-factor authentication (2FA) application for Windows, macOS, ...

Inside a Real Clickfix Attack: How This Social Engineering Hack Unfolds

ClickFix abuses clipboards. FileFix hijacks File Explorer. Both social engineering attacks start in the browser—and end in malware. See how Keep Aware stops these stealthy attacks before they break ...

Hackers target Python devs in phishing attacks using fake PyPI site

The Python Software Foundation warned users this week that threat actors are trying to steal their credentials in phishing ...

Hackers actively exploit critical RCE in WordPress Alone theme

Threat actors are actively exploiting a critical unauthenticated arbitrary file upload vulnerability in the WordPress theme ...

Hackers plant 4G Raspberry Pi on bank network in failed ATM heist

The UNC2891 hacking group, also known as LightBasin, used a 4G-equipped Raspberry Pi hidden in a bank's network to bypass ...

Apple patches security flaw exploited in Chrome zero-day attacks

Apple has released security updates to address a high-severity vulnerability that has been exploited in zero-day attacks ...