cyberattack
Sysdig Reveals Discovery of Cyberattack Aimed at Tool to Build AI Apps
Sysdig today disclosed an example of how a tool for training artificial intelligence (AI) models was compromised by a cyberattack that led to the injection of malicious code and the downloading of ...
How SquareX Could Have Prevented the Coinbase Customer Support Attack
By John Carse, Field CISO, SquareXCoinbase recently disclosed a security breach involving overseas customer support agents who were bribed to provide personally identifiable information (PII) to attackers. This data was then used in ...
Hacking the Hardware Brains of Computers is the Ultimate Cyberattack
Compromising the hardware layer, especially the CPU, is the Holy Grail of cyberattacks. Recent work by Christiaan Beek, a leading cybersecurity researcher at Rapid7, into developing a ransomware proof-of-concept that infects at ...
Cyberattacks on Critical Infrastructures Makes Us Very Vulnerable
Many don’t realize that cyberattacks against Critical Infrastructure sectors, can cause more than an inconvenience of a temporary power outage. Critical Infrastructures are a favorite of aggressive Nation State cyber threats. ...
NSFOCUS APT Monthly Briefing – March 2025
Regional APT Threat Situation Overview In March 2025, the global threat hunting system of NSFOCUS Fuying Laboratory discovered a total of 19 APT attack activities. These activities were mainly distributed in South ...
Silk Typhoon Hackers Indicted
Lots of interesting details in the story: The US Department of Justice on Wednesday announced the indictment of 12 Chinese individuals accused of more than a decade of hacker intrusions around the ...
CISA Under Trump
Jen Easterly is out as the Director of CISA. Read her final interview: There’s a lot of unfinished business. We have made an impact through our ransomware vulnerability warning pilot and our ...
OAuth Identity Attack — Are your Extensions Affected?
OAuth Identity Attack — Are your Extensions Affected?A malicious variant of Cyberhaven’s browser extension (v24.10.4) was uploaded to the Chrome Store on Christmas Day. According to Cyberhaven, this compromised version can allow “sensitive information, ...
Race Condition Attacks against LLMs
These are two attacks against the system components surrounding LLMs: We propose that LLM Flowbreaking, following jailbreaking and prompt injection, joins as the third on the growing list of LLM attack types ...
Defending Against Zero-Day Attacks: How CimTrak Foils CVE-2024-38213 Exploits
Zero-day vulnerabilities remain a significant threat to cybersecurity, particularly for enterprise environments. One of the latest and most concerning examples is CVE-2024-38213, nicknamed "Copy2Pwn." This vulnerability allows attackers to bypass the Windows ...
