î ‚Jun 25, 2025î „Ravie LakshmananVPN Security / Malware Unknown threat actors have been distributing a trojanized version of SonicWall’s SSL VPN NetExtender application to steal credentials from unsuspecting users who may have installed it. “NetExtender enables remote users to securely connect …
SonicWall NetExtender Trojan and ConnectWise Exploits Used in Remote Access Attacks Read More »
Discover the latest advancements in Salesforce Agentforce 3, now equipped with AI agent observability and native MCP support. This enhancement provides users with real-time visibility into operations and ensures secure interoperability. Dive deeper into the exciting features of Agentforce 3 …
Salesforce launches Agentforce 3 with AI agent observability and MCP support Read More »
Not every risk looks like an attack. Some problems start as small glitches, strange logs, or quiet delays that don’t seem urgent—until they are. What if your environment is already being tested, just not in ways you expected? Some of …
Chrome 0-Day, 7.3 Tbps DDoS, MFA Bypass Tricks, Banking Trojan and More Read More »
The cybercrime group behind the Qilin ransomware-as-a-service (RaaS) operation is now offering legal counsel for affiliates to increase pressure on victims to pay ransom. This move comes as the group aims to capitalize on the void left by other ransomware …
Qilin Ransomware Adds “Call Lawyer” Feature to Pressure Victims for Larger Ransoms Read More »
î ‚Jun 21, 2025î „Ravie Lakshmanan Cyber Attack / Critical Infrastructure The April 2025 cyber attacks targeting U.K. retailers Marks & Spencer and Co-op have been classified as a “single combined cyber event.” That’s according to an assessment from the Cyber Monitoring …
Scattered Spider Behind Cyberattacks on M&S and Co-op, Causing Up to $592M in Damages Read More »
Hackers never rest, which is why it’s crucial for enterprise defenses to remain vigilant at all times. Threat actors often target businesses during off-hours when security personnel are scarce, leading to delays in response and remediation. For instance, when retail …
î ‚Jun 19, 2025î „Ravie Lakshmanan Email Security / Identity Protection Threat actors with suspected ties to Russia have been observed taking advantage of a Google account feature called application specific passwords (or app passwords) as part of a novel social engineering …
Russian APT29 Exploits Gmail App Passwords to Bypass 2FA in Targeted Phishing Campaign Read More »
Discover the event trusted by enterprise leaders for almost twenty years. VB Transform brings together the individuals shaping real enterprise AI strategy. Find out more Cloud costs are escalating in this age of generative AI, with enterprises projected to waste …
î ‚Jun 17, 2025î „Ravie LakshmananBotnet / Vulnerability Cybersecurity researchers have identified a new campaign exploiting a critical security flaw in Langflow to distribute the Flodrix botnet malware. According to a technical report by Trend Micro researchers Aliakbar Zahravi, Ahmed Mohamed Ibrahim, …
New Flodrix Botnet Variant Exploits Langflow AI Server RCE Bug to Launch DDoS Attacks Read More »
Cybersecurity experts have uncovered a malicious package on the Python Package Index (PyPI) repository that can extract sensitive developer-related data, such as credentials, configuration information, and environment variables. The package, known as chimera-sandbox-extensions, received 143 downloads and appears to have …
