A newly observed Mirai variant, “Broadside,” is exploiting weakly protected IoT systems across global maritime logistics environments. Its rapid spread and operational impact highlight growing risks as critical shipping infrastructure becomes increasingly automated and interconnected.
GlassWorm is the first known self-propagating worm targeting developer environments by infecting VS Code extensions with hidden Unicode payloads. Once installed, it steals credentials from NPM, GitHub and Git, and upgrades machines into proxy nodes and part of a distributed criminal infrastructure. It uses a blockchain-based command and control mechanism and auto-updates to spread across the developer ecosystem. In this article, we dissect how GlassWorm works, what makes it a paradigm shift in supply-chain attacks, and what organisations must do to detect and contain it before their dev workstations become weaponised.
The KimWolf malware Android botnet demonstrates how mobile threats continue to scale by abusing Android apps, infrastructure, and weak security controls.
A critical vulnerability in the Service Finder Bookings plugin bundled with the Service Finder WordPress theme allows unauthenticated attackers to log in as administrators. The flaw, tracked as CVE-2025-5947, is actively exploited in the wild with a CVSS 9.8 rating. Users must patch immediately to prevent takeovers.
Microsoft’s December 2025 Patch Tuesday delivers critical security updates — 56 vulnerabilities across Windows, Office, Exchange and more including three zero-day flaws. Attackers exploited at least one, making immediate patching vital for enterprise and personal systems alike.
Harrods informed loyalty program members of a data breach tied to a third-party provider. The luxury retailer is investigating and urging customer caution.
Microsoft’s July 2025 cumulative update KB5062553 for Windows 11 24H2 is breaking core shell features like the Start menu, taskbar, and Settings on some systems, especially in VDI and first-logon scenarios. This breakdown goes through what’s actually failing, why a XAML race condition sits at the center of it, and how admins can keep 24H2 from turning user desktops into black screens.
Who Is Scattered Spider? Scattered Spider is a cybercrime group known for executing high-impact ransomware attacks across the United States. They gained notoriety for their clever use of social engineering, SIM-swapping, and remote access tools to infiltrate major organizations. Operating with international ties, the group targeted companies with sophisticated techniques and insider manipulation to extort…
Herodotus is a new Android banking trojan that fakes human typing with randomized delays. Because naive timing checks fail, defenders should harden policy, watch overlays and Accessibility events, and tune fraud models to catch the session—not just the cadence.
Threat actors now pair generative AI with trusted cloud apps to breach manufacturing. They deliver malware through OneDrive/GitHub, steal API keys and tokens, and persist via OAuth consent. Without governed AI usage, Cloud DLP, and consent controls, factories face quiet IP theft and escalating downtime risks.