We’re proud to share that MixMode has been named the “Overall Infrastructure Security Solution Provider of the Year” in the 2025 CyberSecurity Breakthrough Awards program.| MixMode
In September 2025, Kandji’s security researchers uncovered a sophisticated credential theft campaign targeting macOS developers through spoofed Homebrew installer sites. The tactics used paralleled recent pro-Russian hacktivist methods employed against operational technology (OT) and industrial control system (ICS) environments. The operation exploited trust in package managers to deliver malicious payloads capable of credential harvesting and […]| Cyber Security News
A pro-Russian hacktivist group known as TwoNet was caught targeting a decoy water treatment facility during a honeypot operation by Forescout’s Vedere Labs in September 2025. The incident, which unfolded via unauthorized access to a human-machine interface (HMI), highlights an evolving trend of hacktivists pivoting from web defacement to more nuanced intrusions against operational technology (OT) and […]| Cyber Security News
Trend Micro researchers uncovered a serious security lapse involving hardcoded Azure Storage Account credentials embedded within multiple signed DLLs used in an official Axis Communications plugin for Autodesk® Revit®. The exposure, reported under multiple Trend Zero Day Initiative™ advisories (ZDI-24-1181, ZDI-24-1328, ZDI-24-1329, and ZDI-25-858), revealed that Axis’s cloud accounts, responsible for distributing Revit plugin installers […]| Cyber Security News
Microsoft has taken swift action to tighten security around Internet Explorer (IE) mode in its Edge browser following credible intelligence that cybercriminals were exploiting it to compromise Windows environments. The report, published by Microsoft’s Edge Security Team, reveals that attackers leveraged unpatched vulnerabilities in Internet Explorer’s JavaScript engine (Chakra) and abused in-browser features to execute […]| Cyber Security News
The escalating sophistication of cybercriminal operations necessitates a robust defense strategy that extends beyond the corporate firewall. As threat actors increasingly leverage the hidden corners of the internet—the dark web—to trade stolen credentials, plan attacks, and leak proprietary data, organizations must adopt advanced monitoring solutions. Identifying the Best Dark Web Monitoring Tools is no longer […]| Cyber Security News
A new wave of “Contagious Interview” supply-chain attacks has infected the npm registry with over 338 malicious JavaScript packages, attributed to North Korean threat actors leveraging fake recruiter personas and typosquatted dependencies. The operation, which has amassed more than 50,000 cumulative downloads, continues to exploit social engineering and open-source ecosystems to target Web3, blockchain, and […]| Cyber Security News
Security researchers from Dell’s Counter Threat Unit™ (CTU) and Sophos have uncovered an active malware campaign exploiting the WhatsApp Web platform to spread a self-propagating worm that installs Brazilian banking trojans and cryptocurrency credential stealers. The campaign, which began on September 29, 2025, primarily targets users in Brazil and leverages deceptive messages and malicious ZIP […]| Cyber Security News
A new cybercrime alliance calling itself Scattered Lapsus$ Hunters, also referenced in underground channels as SP1D3R HUNTERS or SLSH, has launched an aggressive extortion campaign targeting corporate Salesforce tenants globally. The group, which security researchers link to the so‑called “Trinity of Chaos” composed of Muddled Libra (Scattered Spider), Bling Libra (ShinyHunters), and LAPSUS$, claims to have stolen over one billion Salesforce records […]| Cyber Security News
EDR-Freeze is a proof-of-concept utility designed to incapacitate endpoint detection and response (EDR) or antivirus engines without resorting to kernel exploits or vulnerable driver installations. Instead, it hijacks legitimate Windows Error Reporting components, specifically WerFaultSecure.exe and the MiniDumpWriteDump API, to induce a temporary coma in security processes. Upon execution, EDR-Freeze_1.0.exe spawns WerFaultSecure.exe under the guise […]| Cyber Security News
Astaroth, a notorious banking trojan, has reemerged in a campaign that abuses trusted cloud platforms to maintain resilience against takedown efforts. The infection process begins with highly targeted phishing emails, often themed around business, document signing, or job applications, which trick recipients into downloading a ZIP file. This archive contains an obfuscated Windows Shortcut (LNK) […]| Cyber Security News
Today, the National Cyber Security Centre (NCSC) – part of GCHQ – issued further advice to help network defenders mitigate| Cyber Security News
According to the Dmpdump report, the campaign first emerged on VirusTotal on August 28, 2025, when a file uploaded from Malaysia triggered alarms.| Cyber Security News
The vulnerability arises from how Axios decodes data: URLs, allowing an attacker to trigger unbounded memory allocation and crash Node.js processes.| Cyber Security News
RatOn Android trojan uses NFC relay, ATS, and remote access to hijack devices and drain bank accounts, first hitting Czech, Slovak users.| Cyber Security News
Empire, introducing enhanced agent capabilities and comprehensive API support designed to streamline post-exploitation operations.| GBHackers Security | #1 Globally Trusted Cyber Security News Platform
ESPHome vulnerability - A critical vulnerability has been discovered in the ESPHome web server component on the ESP-IDF platform.| Cyber Security News
A significant global effort to patch a critical zero-day remote code execution (RCE) vulnerability in Citrix NetScaler devices has seen the number of exposed systems drop from approximately 28,200 to 12,400 in just one week.| Cyber Security News
The vulnerabilities, tracked as CVE-2025-7775, CVE-2025-7776, and CVE-2025-8424, pose significant risks to organizations relying on these network infrastructure components for application delivery and secure remote access.| Cyber Security News
China-linked APT MURKY PANDA targets North American gov, tech & legal sectors, exploiting cloud flaws & stealing sensitive data.| Cyber Security News
Telegram SSH brute-force - Socket's Threat Research Team has uncovered a sophisticated supply chain attack targeting cybersecurity.| Cyber Security News
Wolf's Assault - A sophisticated APT group known as Scaly Wolf has executed a persistent multi-year campaign against a Russian.| Cyber Security News
An alleged threat actor has listed a Windows Zero-Day Remote Code Execution (RCE) exploit for sale, claiming it targets fully updated Windows 10, Windows 11, and Windows Server 2022 systems.| Cyber Security News
Workday recently disclosed that it was targeted in a social engineering campaign designed to compromise employee trust and gain unauthorized access to sensitive systems.| Cyber Security News
Best NDR solutions 1. Darktrace 2. Vectra AI 3. ExtraHop 4. Corelight 5. Arista 6. Cisco Secure Network Analytics 7. Trend Micro 8. Fidelis| GBHackers Security | #1 Globally Trusted Cyber Security News Platform
A sophisticated social engineering campaign by the EncryptHub threat group that combines impersonation tactics with technical exploitation to compromise corporate networks.| Cyber Security News
PS1Bot malware targets Windows via malvertising, using PowerShell+C# for stealthy info theft, modular design, and in-memory execution.| Cyber Security News
Released on August 14, 2025, this major update introduces groundbreaking features that extend VirtualBox's capabilities across multiple platforms| Cyber Security News
The flaw, tracked as CVE-2025-2183 with a CVSS score of 4.5, affects the certificate validation process in GlobalProtect applications running on Windows and Linux systems.| Cyber Security News
Qilin ransomware - The Qilin ransomware group has once again dominated the cyberthreat landscape in July 2025, claiming 73 victims.| Cyber Security News
CISA has issued urgent warnings regarding two critical security vulnerabilities in N-able N-Central remote monitoring and management (RMM) software that are actively being exploited by threat actors.| Cyber Security News
Fake Ukrainian Web3 team lures job seekers via malicious NPM repo in interviews, stealing crypto wallets, browser data & personal info.| Cyber Security News
A critical security vulnerability in Fortinet FortiSIEM platform that allows unauthenticated attackers to execute arbitrary commands remotely.| Cyber Security News
Global operation seizes BlackSuit ransomware servers, domains & $1.09M crypto, crippling attacks on US critical infrastructure.| Cyber Security News
Microsoft has released the Windows 11 August 2025 Cumulative Updates, KB5063878 for version 24H2 and KB5063875| Cyber Security News
EA’s Javelin anti-cheat blocked 330K cheating attempts in Battlefield 6 beta, using multi-layered defenses including Secure Boot.| Cyber Security News
Zoom has disclosed a critical vulnerability affecting multiple Windows-based clients, potentially allowing attackers to escalate privileges and compromise user systems.| Cyber Security News
Researchers have detected an unprecedented surge in brute-force attacks targeting Fortinet SSL VPN infrastructure, with over 780 unique IP addresses participating in coordinated assault campaigns.| Cyber Security News
Ivanti has released critical security updates addressing multiple high and medium-severity vulnerabilities across its Connect Secure, Policy Secure, and Zero Trust Access (ZTA) gateway products.| Cyber Security News
A massive leak of internal tooling, backdoors, and intelligence-gathering artifacts attributed to North Korea’s state-sponsored APT group Kimsuky has been published online by presumed insiders.| Cyber Security News
A severe flaw in a major automaker’s dealer portal that allowed unauthorized attackers to register for dealer accounts, escalate privileges to a national administrator, and ultimately control vehicles remotely.| Cyber Security News
Reddit has announced plans to significantly restrict the Internet Archive's Wayback Machine from indexing its platform, citing concerns that AI companies have been exploiting the archival service to circumvent Reddit's data protection policies.| Cyber Security News
ClickFix campaign targets Israeli firms via phishing to run malicious PowerShell, using fake wartime webinar invites & Teams pages.| Cyber Security News
Threat actors are leveraging sophisticated phishing campaigns by creating fake Microsoft OAuth applications to impersonate legitimate enterprises.| GBHackers Security | #1 Globally Trusted Cyber Security News Platform
MixMode has been recognized by USA Today as one of the Top 10 AI Companies to Watch in 2024. This prestigious acknowledgment highlights MixMode’s vital contributions to cybersecurity and ability to shape the industry's future through advanced AI.| MixMode
Microsoft has rolled out a comprehensive set of security enhancements aimed at countering the surge in AiTM phishing attacks.| Cyber Security News
A critical security vulnerability in ChatGPT has been discovered that allows attackers to embed malicious SVG (Scalable Vector Graphics) and image files directly into shared conversations, potentially exposing users to sophisticated phishing attacks and harmful content.| Cyber Security News
MixMode, a leader in AI-powered cybersecurity, today released State of AI in Cybersecurity Report 2025, its second annual report, independently conducted by the Ponemon Institute. Based on a survey of 685 U.S. IT and security professionals, the report reveals how organizations, especially in Critical Infrastructure, SLED, and U.S. Federal sectors, are adopting AI to counter evolving cyber threats.| MixMode
Apple has released critical security updates for macOS Sequoia, addressing multiple vulnerabilities that could allow malicious applications to access sensitive user data.| Cyber Security News
Dell Technologies has issued a security advisory regarding multiple vulnerabilities in its RecoverPoint for Virtual Machines (RP4VM) software.| Cyber Security News
The directory, located at https://server.xcode.co.id/files/mimikatz/Win32/, has raised concerns about potential misuse by malicious actors.| Cyber Security News
The victims, all based in France, include Omydoo, Ayomi.fr, and ADULLACT, marking a significant escalation in their cyber extortion campaign.| Cyber Security News
The breach underscores persistent vulnerabilities in the nation’s cybersecurity infrastructure and raises pressing concerns about data protection.| Cyber Security News
In October 2023, Microsoft introduced native support for 11 additional compression formats in Windows 11 through the KB5031455 update.| Cyber Security News
This marks yet another chapter in the group's ongoing campaign of digital extortion and data breaches.| Cyber Security News
This incident underscores the growing threat of ransomware targeting architecture and engineering (A&E) firms.| Cyber Security News
Microsoft Entra ID has introduced a robust security mechanism called protected actions, aimed at preventing attackers from permanently deleting user accounts.| Cyber Security News
A critical vulnerability in SolarWinds' Web Help Desk (WHD) software has been identified, allowing remote, unauthenticated attackers to exploit hardcoded credentials embedded in the system.| Cyber Security News
The pursuit of single-bit fault injection attacks has long been regarded as a challenging frontier in hardware security.| Cyber Security News
A critical security vulnerability, identified as CVE-2025-1077, has been disclosed in IBL Software Engineering's Visual Weather software and its derived products.| Cyber Security News
The incident underscores the growing threat posed by this ransomware group, which has targeted various industries worldwide.| Cyber Security News
The EarlyCrow system introduces a groundbreaking approach to detecting Advanced Persistent Threat (APT) malware command and control (C&C) communications.| Cyber Security News
A new attack vector exploiting vulnerabilities in Kerberos delegation within Active Directory (AD) networks has been uncovered.| Cyber Security News
Hackers primarily target Windows systems due to their significant market share, with over 80% of desktop operating systems running| Cyber Security News
In this blog Morphisec researchers provide technical analysis of CVE-2024-30103, a remote code execution vulnerability impacting Microsoft Outlook.| blog.morphisec.com
This blog provides an analysis by Morphisec of responding to actual Citrix Bleed attacks (CVE-2023-4966), detailing threat actor tactics and recommended safeguards.| blog.morphisec.com