Paper Werewolf Threat Actor Targets Flash Drives With New Malware darkreadingKristina Beek, Associate Editor, Dark Reading
April 11, 2025

The threat actor, also known as Goffee, has been active since at least 2022 and has changed its tactics and techniques over the years while targeting Russian organizations. The threat actor, …


Fortinet Warns Attackers Retain FortiGate Access Post-Patching via SSL-VPN Symlink Exploit The Hacker [email protected] (The Hacker News)
April 11, 2025

Fortinet has revealed that threat actors have found a way to maintain read-only access to vulnerable FortiGate devices even after the initial access vector used to breach the devices was …


Financial Fraud, With a Third-Party Twist, Dominates Cyber Claims darkreadingRobert Lemos, Contributing Writer
April 11, 2025

The most damaging attacks continue to be ransomware, but financial fraud claims are more numerous — and both are driven by increasing third-party breaches. The most damaging attacks continue to be …


Using Third-Party ID Providers Without Losing Zero Trust darkreadingStephanie Domas
April 11, 2025

With $4.4 billion in worldwide data breach fines in 2024, the cost of not knowing who's walking into your systems is devastating. With $4.4 billion in worldwide data breach fines in …


Organizations Lack Incident Response Plans, But Answers Are on the Way darkreadingArielle Waldman
April 11, 2025

Developing strong incident response plans remains an area that requires significant improvement. Here are some shortcomings and how to address them. Developing strong incident response plans remains an area that requires …


Paper Werewolf Deploys PowerModul Implant in Targeted Cyberattacks on Russian Sectors The Hacker [email protected] (The Hacker News)
April 11, 2025

The threat actor known as Paper Werewolf has been observed exclusively targeting Russian entities with a new implant called PowerModul. The activity, which took place between July and December 2024, singled …


11 Bugs Found in Perplexity AI’s Chatbot Android App darkreadingNate Nelson, Contributing Writer
April 11, 2025

Researchers characterize the company's artificial intelligence chatbot as less secure than ChatGPT and even DeepSeek. Researchers characterize the company's artificial intelligence chatbot as less secure than ChatGPT and even DeepSeek.  ​Read More


Fortinet Releases Advisory on New Post-Exploitation Technique for Known Vulnerabilities AlertsCISA
April 11, 2025

Fortinet is aware of a threat actor creating a malicious file from previously exploited Fortinet RCE vulnerabilities within FortiOS and FortiGate products. This malicious file could enable read-only access to …


Initial Access Brokers Shift Tactics, Selling More for Less The Hacker [email protected] (The Hacker News)
April 11, 2025

What are IABs? Initial Access Brokers (IABs) specialize in gaining unauthorized entry into computer systems and networks, then selling that access to other cybercriminals. This division of labor allows IABs to …


ISC Stormcast For Friday, April 11th, 2025 https://isc.sans.edu/podcastdetail/9404, (Fri, Apr 11th) SANS Internet Storm Center, InfoCON: green
April 11, 2025

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.  ​Read More