Security Pulse

Custom illustration showing fake software installers with TamperedChef branding dropping a hidden JavaScript backdoor on a workstation.

TamperedChef Malware Uses Fake Installers in Global Campaign

yohanmanuja1 month ago1 month ago06 mins

TamperedChef malware no longer hides only behind a rogue PDF editor. In its latest evolution, the campaign uses signed fake software installers, malvertising and SEO poisoning to deliver an obfuscated JavaScript backdoor via a dropped XML-scheduled task. Telemetry shows a strong footprint in the U.S. and heavy impact on healthcare, construction and manufacturing, where users often search online for product manuals and tools. This article unpacks the global infrastructure, shell-company certificates and execution chain so defenders can hunt and harden effectively.

Swiss military satellite constellation undergoing quantum-encryption hardware upgrade in orbit

Inside Switzerland’s Quantum-Ready Satellite Strategy for Defence

yohanmanuja1 month ago1 month ago08 mins

Quantum encryption promises stronger security, yet it also strains satellite hardware, bandwidth and mission design. Switzerland’s Armed Forces now redesign their space architecture to handle quantum-era threats, “harvest-now, decrypt-later” campaigns and the limits of legacy spacecraft.

Custom illustration showing a Windows workstation under surveillance while an obfuscated loader labeled “BadAudio” communicates with APT24 command-and-control infrastructure.

How APT24 Uses BadAudio Malware in Multi-Vector Espionage

yohanmanuja1 month ago1 month ago18 mins

BadAudio gives APT24 a stealthy first-stage foothold in a long-running espionage campaign that focuses on Windows environments. The C++ downloader hides behind DLL search-order hijacking, control-flow obfuscation and AES-encrypted C2, while the group rotates between watering-hole attacks, supply-chain compromises and targeted spearphishing to deliver it. This article breaks down BadAudio’s loader behavior, APT24’s evolving tradecraft and the defensive steps that help security teams detect, contain and disrupt this PRC-nexus operation.

Senior cyber-weapons division executive working late, silhouetted by laptop code overlay

Russian Buyer, U.S. Cyber Tools, and an Executive on the Run

yohanmanuja2 months ago2 months ago14 mins

A former general manager at a top-tier cyber-weapons developer faces criminal charges after allegedly stealing eight trade secrets between 2022 and 2025 and selling them to a Russian buyer. The case underscores serious risks to national security, supply-chain oversight, and insider threat policies across the defense-cyber industry.

RealBlindingEDR tool clearing Windows kernel callbacks to blind endpoint detection.

Researchers Uncover RealBlindingEDR Tool in Active Campaigns

yohanmanuja3 months ago3 months ago14 mins

A new tool named RealBlindingEDR disables security agents by exploiting Windows process privileges. It allows attackers to blind endpoint detection systems and execute malware without alerts, raising serious concerns among enterprise defenders.

Map showing Oracle-linked hacking campaign targeting global organizations.

Google Issues Warning on Expanding Oracle-Linked Threat Activity

yohanmanuja3 months ago3 months ago14 mins

Google has disclosed a widespread Oracle-linked hacking campaign impacting dozens of organizations across sectors including energy, tech, and logistics. The operation, active since mid-2025, exploited software integrations between vendors and clients marking one of the year’s most significant supply chain cyberattacks.

Volkswagen Group headquarters Wolfsburg with cybersecurity data breach overlay

Volkswagen Group Under 8Base Cyber Attack Data Exposure

yohanmanuja2 months ago2 months ago14 mins

Volkswagen Group faces a serious cybersecurity challenge after ransomware gang 8Base claimed to have stolen sensitive data from its global operations. The incident exposes growing supply-chain risks and highlights how industrial manufacturers remain prime targets for modern cyber-extortion campaigns.

Storm-0249 ransomware attack chain showing ClickFix social engineering, fileless PowerShell execution, and DLL sideloading techniques

Storm-0249’s Ransomware : What Security Teams Must Know

yohanmanuja3 weeks ago3 weeks ago15 mins

A chilling evolution: Storm-0249 has shifted from selling access to enabling full-blown ransomware campaigns. Their new combination of ClickFix social-engineering, fileless PowerShell and DLL sideloading dramatically increases stealth and persistence across enterprise environments.

Exposed Cisco ASA firewall devices with threat overlay & Red Hat GitLab breach visualization

Cisco Firewalls at Risk as Red Hat Reports GitLab Security Incident

yohanmanuja3 months ago3 months ago13 mins

Despite Cisco’s warnings, many ASA/FTD firewalls remain vulnerable. Simultaneously, threat actors claim they breached Red Hat’s GitLab instance. This article merges both crisis points and guides the fixes.

A conceptual image of the Windows 11 interface being hardened, with glowing blue shields representing Group Policy Objects (GPOs) locking over system components to improve security

Windows 11 Hardening Guide: 20 Must-Have GPO Settings

yohanmanuja2 months ago2 months ago49 mins

This Windows 11 (24H2) hardening guide delivers 20 Group Policy settings you can deploy today. You’ll protect credentials, block ransomware, enforce SMB signing, harden RDP, and tighten audit logging with version-specific notes and quick tests. Roll out in phases, validate with gpresult, and keep exceptions minimal and time-boxed.

Salt Typhoon fallout: Reverses ISP cybersecurity rules for telecom

Japan’s Cybersecurity Shortcomings Exposed!! Rising Threats, Weak Defenses

ChatGPT Safety Under Scrutiny: Psychosis and Mania Signals

Chrome Extensions Hijack WhatsApp Web: 131 Add-ons Exposed

Trust Wallet Chrome Extension Hack Exposes Browser Wallet Risk

Ludwigshafen Shuts Down City IT After Cyberattack

TamperedChef Malware Uses Fake Installers in Global Campaign

Inside Switzerland’s Quantum-Ready Satellite Strategy for Defence

How APT24 Uses BadAudio Malware in Multi-Vector Espionage

Russian Buyer, U.S. Cyber Tools, and an Executive on the Run

Researchers Uncover RealBlindingEDR Tool in Active Campaigns

Google Issues Warning on Expanding Oracle-Linked Threat Activity

Volkswagen Group Under 8Base Cyber Attack Data Exposure

Storm-0249’s Ransomware : What Security Teams Must Know

Cisco Firewalls at Risk as Red Hat Reports GitLab Security Incident

Windows 11 Hardening Guide: 20 Must-Have GPO Settings