Qualcomm’s Guardian Could Rival Intel vPro But Always-On Connectivity Raises Risks
Qualcomm’s Guardian aims to rival Intel vPro with always-on device control via built-in cellular connectivity, but the tradeoff may threaten privacy and trust.
Read More
Rhysida Hackers Claim Attack on Maryland Department of Transportation
The Rhysida ransomware gang claims to have breached Maryland’s Department of Transportation, leaking personal data and demanding a $3.3 million ransom. Officials confirmed data loss affecting Maryland Transit Administration systems but said core services remain operational.
ClickFix’s Domain Army: 13,000+ Domains, Massive Attack Surface
Attackers behind the ClickFix campaign registered over 13,000 unique domains to execute browser-based malware through fake CAPTCHA lures and clipboard tricks. This breakdown reveals their infrastructure, tactics, and defenses every security team must implement.
AWS Agentic AI: Modernizing Legacy IT, But at What Cost?
AWS’s agentic-AI initiative promises rapid enterprise modernization, but it also broadens cyber-attack surfaces dramatically. Autonomous agents bridging legacy systems and cloud infrastructure demand rigorous security, governance, and threat modeling before adoption.
Hackers Compromise Xubuntu Site to Spread Malicious Downloads
Hackers breached the official Xubuntu website and replaced legitimate download links with malware-infected files. The incident highlights the growing risk of supply-chain compromises targeting open-source Linux distributions.
Microsoft Announces End of Support for Exchange Servers
Microsoft has officially ended support for Exchange Server 2016 and 2019, marking the end of a major on-premises email era.
Enterprises still running these versions now face significant security and compliance risks, as both will receive no further patches or updates.
How EtherHiding Lets Hackers Hide Malware on BSC & Ethereum
North Korea–linked hackers now embed JavaScript malware in blockchain smart contracts via EtherHiding. This stealthy method turns public blockchains into resilient drop zones. The multi-stage campaign includes JADESNOW and InvisibleFerret backdoors, demanding new defense strategies.
New MatrixPDF Attack Weaponizes PDFs for Phishing Campaigns
Researchers have uncovered a new cybercriminal toolkit called MatrixPDF, designed to transform normal PDF files into weapons for phishing and malware delivery. This toolkit lowers the barrier for attackers. In fact, it provides ready made templates that let even inexperienced hackers craft PDF lures capable of bypassing security filters. As a result, phishing campaigns become…
Smishing Triad Toll-Text Scam: What Security Teams Must Know
A sophisticated mobile-fraud campaign dubbed the Smishing Triad is spoofing toll-agency alerts and flooding users with fake unpaid-toll texts. Read on for how the scam works and how to defend your devices.
Salesforce Customers Targeted by Data-Theft Extortion Campaign
Hackers exploited OAuth tokens in third-party Salesforce integrations, stealing CRM data and extorting affected customers. Salesforce urges clients to rotate credentials.