Cybercriminals Weaponize Stolen Certificates and Private Keys to Infiltrate Enterprises
A wave of enterprise security incidents is being driven by a surge of cybercriminals exploiting stolen digital certificates and private keys inadvertently exposed through...
Banking Sector Faces $6.08 Million Average Loss per Ransomware Attack, Alongside Downtime and Reputation Hits
The banking sector is grappling with unprecedented challenges as ransomware attacks surge in frequency and sophistication, driving the average cost of each incident to...
Zoom Remote Control Feature Exploited to Access Victims’ Computers—with Permission
A new wave of sophisticated cyberattacks has emerged, targeting organizations through a blend of social engineering and software feature abuse.
The threat actor known...
State-Sponsored Hackers Widely Deploy ClickFix Attack in Espionage Campaigns
Security researchers have observed multiple state-sponsored hacking groups across North Korea, Iran, and Russia incorporating the ClickFix social engineering technique into their espionage operations...
Bubble.io 0-Day Lets Attackers Run Arbitrary Queries via Elasticsearch
A critical zero-day vulnerability in Bubble.io’s infrastructure has exposed thousands of no-code applications to database breaches, enabling attackers to execute unauthorized Elasticsearch queries and...
