Threat Intelligence
Kimsuky shifts tactics from traditional backdoors to RDP, proxies
Laura French | February 6, 2025
The North Korean APT group has leveraged a custom RDP Wrapper and new malware called forceCopy in recent campaigns.

Vulnerability Management
Veeam Updater receives update for critical RCE flaw
Laura French | February 5, 2025
The vulnerability affects Veeam Backup for Salesforce, AWS, Microsoft Azure, Google Cloud and more.

AI/ML
Microsoft fixes CVSS 9.9 vulnerability in Azure AI Face service
Laura French | February 4, 2025
The flaw enabled authentication bypass by spoofing, with a proof-of-concept exploit available.

AI/ML
Google reveals Gemini AI use by more than 40 state-sponsored APTs
Laura French | February 3, 2025
Iran-backed groups were the most prolific adversarial users, while North Korean APTs used the LLM for likely IT worker scams.

AI/ML
How AI can revolutionize vulnerability research
Laura French | February 3, 2025
AI agents and GenAI-driven fuzzing tools are already discovering flaws in open-source software.

AI/ML
ChatGPT jailbreak method uses virtual time travel to breach forbidden topics
Laura French | January 30, 2025
The “Time Bandit” vulnerability could be used to make ChatGPT provide malware creation instructions.

Ransomware
Lynx ransomware infiltration reveals affiliate panel details
Laura French | January 29, 2025
Group-IB researchers uncovered a structured affiliate workflow and “all-in-one” RaaS with multiple encryption modes.

Vulnerability Management
New USPS text scam uses unique method to hide malicious PDF links
Laura French | January 27, 2025
The obfuscation method evades detection by several mobile security solutions.

Phishing
Reddit, WeTransfer pages spoofed in Lumma Stealer campaign
Laura French | January 24, 2025
Nearly 1,000 imitation pages were discovered, targeting users looking for other software.

AI/ML
GhostGPT offers AI coding, phishing assistance for cybercriminals
Laura French | January 23, 2025
The “uncensored” GenAI tool was advertised on cybercrime forums with a focus on BEC scams.