Coinbase Agents Bribed, Data of ~1% Users Leaked; $20M Extortion Attempt Fails The Hacker [email protected] (The Hacker News)
May 15, 2025

Cryptocurrency exchange Coinbase has disclosed that unknown cyber actors broke into its systems and stole account data for a small subset of its customers. "Criminals targeted our customer support agents overseas," …


RSAC 2025: AI Everywhere, Trust Nowhere darkreadingAmir Khayat
May 15, 2025

We're at an inflection point. AI is changing the game, but the rules haven't caught up. We're at an inflection point. AI is changing the game, but the rules haven't caught …


RealDefense Partner Program Surpasses $100M in Annual Revenue darkreading
May 15, 2025

 Post Content  ​Read More


Critical Infrastructure Under Siege: OT Security Still Lags darkreadingAlexander Culafi, Senior News Writer, Dark Reading
May 15, 2025

With critical infrastructure facing constant cyber threats from the Typhoons and other corners, federal agencies and others are warning security for the OT network, a core technology in many critical …


CISA Adds Three Known Exploited Vulnerabilities to Catalog AlertsCISA
May 15, 2025

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.  CVE-2024-12987 DrayTek Vigor Routers OS Command Injection Vulnerability CVE-2025-4664 Google Chromium Loader Insufficient Policy Enforcement …


CISA Releases Twenty-Two Industrial Control Systems Advisories AlertsCISA
May 15, 2025

CISA released twenty-two Industrial Control Systems (ICS) advisories on May 15, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-135-01 Siemens RUGGEDCOM APE1808 Devices ICSA-25-135-02 …


Pen Testing for Compliance Only? It’s Time to Change Your Approach The Hacker [email protected] (The Hacker News)
May 15, 2025

Imagine this: Your organization completed its annual penetration test in January, earning high marks for security compliance. In February, your development team deployed a routine software update. By April, attackers …


5 BCDR Essentials for Effective Ransomware Defense The Hacker [email protected] (The Hacker News)
May 15, 2025

Ransomware has evolved into a deceptive, highly coordinated and dangerously sophisticated threat capable of crippling organizations of any size. Cybercriminals now exploit even legitimate IT tools to infiltrate networks and …


Russia-Linked APT28 Exploited MDaemon Zero-Day to Hack Government Webmail Servers The Hacker [email protected] (The Hacker News)
May 15, 2025

A Russia-linked threat actor has been attributed to a cyber espionage operation targeting webmail servers such as Roundcube, Horde, MDaemon, and Zimbra via cross-site scripting (XSS) vulnerabilities, including a then-zero-day …


Malicious npm Package Leverages Unicode Steganography, Google Calendar as C2 Dropper The Hacker [email protected] (The Hacker News)
May 15, 2025

Cybersecurity researchers have discovered a malicious package named "os-info-checker-es6" that disguises itself as an operating system information utility to stealthily drop a next-stage payload onto compromised systems. "This campaign employs clever …