What the Coinbase Breach Says About Insider Risk
The lesson from the breach is not just about what went wrong — but what could have gone right.
Getting a Cybersecurity Vibe Check on Vibe Coding
Following a number of high-profile security and development issues surrounding the use of LLMs and GenAI to code and create applications, it’s worth taking a temperature check to ask: Is this technology ready for prime time?
Experts Detect Multi-Layer Redirect Tactic Used to Steal Microsoft 365 Login Credentials
Cybersecurity researchers have disclosed details of a new phishing campaign that conceals malicious payloads by abusing link wrapping services from Proofpoint and Intermedia to bypass defenses. “Link wrapping is designed by vendors like Proofpoint to protect users by routing all clicked URLs through a scanning service, allowing them to block known malicious destinations at the […]
Russia’s Secret Blizzard APT Gains Embassy Access via ISPs
An ongoing AitM campaign by the infamous Moscow-sponsored cyber-threat actor has widened its scope, dropping the dangerous ApolloShadow custom backdoor malware thanks to lawful intercept systems.
3 Things CFOs Need to Know About Mitigating Threats
To reposition cybersecurity as a strategic, business-critical investment, CFOs and CISOs play a critical role in articulating the significant ROI that robust security measures can deliver.
Secret Blizzard Deploys Malware in ISP-Level AitM Attacks on Moscow Embassies
The Russian nation-state threat actor known as Secret Blizzard has been observed orchestrating a new cyber espionage campaign targeting foreign embassies located in Moscow by means of an adversary-in-the-middle (AitM) attack at the Internet Service Provider (ISP) level and delivering a custom malware dubbed ApolloShadow. “ApolloShadow has the capability to install a trusted root certificate […]
Chromium: CVE-2025-8292 Use after free in Media Stream
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/202[SS9.1]5) for more information.
SafePay Claims Ingram Micro Breach, Sets Ransom Deadline
The ransomware gang claims to have stolen 3.5TB of data, and told the technology distributor to pay up or suffer a data breach.
DragonForce Ransom Cartel Profits Off Rivals’ Demise
The fall of RansomHub led to a major consolidation of the ransomware ecosystem last quarter, which was a boon for the DragonForce and Qilin gangs.
Gen Z Falls for Scams 2x More Than Older Generations
Forget gullible old people — Gen Z is the most at-risk age group on the Web. Older folks might want to ignore it, but employers are likely to feel the brunt.
