Threat Note

The Akira ransomware group has been experimenting with new tools, bugs, and attack surfaces, with demonstrated success in significant sectors. Read More  

A public dataset and platform-agnostic analysis tool aim to help organizations in the fight against Apple-targeted malware, which researchers say has lacked proper attention. Read More  

A kitchen-sink approach to building containers has loaded many with vulnerabilities. A handful of companies are trying to slim them down to address the issue. Read More  

A self-replicating attack led to a tidal wave of malicious packages in the NPM registry, targeting tokens for the tea.xyz protocol. Read More  

[[{"value":"Security firms say the flaw has been actively exploited for weeks, even as Fortinet quietly shipped fixes and CISA added the bug to its KEV catalog. The post Fortinet Confirms…

 Cybercriminals have launched a new phishing campaign that tricks users by impersonating legitimate spam-filter notifications from their own company. These fake emails claim that your organization recently upgraded its Secure…

The North Korean threat actors behind the Contagious Interview campaign have once again tweaked their tactics by using JSON storage services to stage malicious payloads. "The threat actors have recently resorted to utilizing JSON storage services like JSON Keeper, JSONsilo, and npoint.io to host and deliver malware from trojanized code projects, with the lure," NVISO researchers Bart Parys, Stef

[[{"value":"The goal is to produce a cyber force capable of defeating threats posed by major adversaries such as China. The post CYBERCOM 2.0: Pentagon Unveils Plan to Fix Cyber Talent…

 On November 7th, security researchers discovered a dangerous malicious npm package called “@acitons/artifact” that had already been downloaded more than 206,000 times. The package was designed to look like the…

Sara Duffer highlights the top lessons she brought back to her security role following three years in Amazon's shadow program. Read More  

Most enterprises use more than 1,000 apps, according to ESG research, yet about half are integrated with IGA. Industry innovations enable teams to expand app coverage and get more IGA…

[[{"value":"Other noteworthy stories that might have slipped under the radar: EchoGram attack undermines AI guardrails, Asahi brewer still crippled after ransomware attack, Sora 2 system prompt uncovered. The post In…

Cybersecurity researchers have uncovered critical remote code execution vulnerabilities impacting major artificial intelligence (AI) inference engines, including those from Meta, Nvidia, Microsoft, and open-source PyTorch projects such as vLLM and SGLang. "These vulnerabilities all traced back to the same root cause: the overlooked unsafe use of ZeroMQ (ZMQ) and Python's pickle deserialization,"

The Iranian state-sponsored threat actor known as APT42 has been observed targeting individuals and organizations that are of interest to the Islamic Revolutionary Guard Corps (IRGC) as part of a new espionage-focused campaign. The activity, detected in early September 2025 and assessed to be ongoing, has been codenamed SpearSpecter by the Israel National Digital Agency (INDA). "The