Continuous Threat Exposure Management (CTEM) is an evolving cybersecurity practice focused on identifying, assessing, prioritizing, and addressing security weaknesses and vulnerabilities in an organization’s digital assets and networks continuously. UnlikeRead More →
Hertz Global Holdings has formally confirmed a significant data breach that compromised personal information—including driver’s license numbers and financial details—of its customers across the Hertz, Thrifty, and Dollar rental brands.Read More →
In 2024, a new kind of online trick called “ClickFix” has been fooling people into clicking on things they shouldn’t. Imagine you’re using your computer and suddenly a message popsRead More →
A newly disclosed vulnerability in WinRAR, the widely used Windows file compression utility, has sparked serious concern in the cybersecurity community due to its ability to bypass Microsoft’s “Mark ofRead More →
A newly disclosed vulnerability dubbed ImageRunner, uncovered by Tenable Research, exposed a subtle yet powerful privilege escalation pathway in Google Cloud Platform’s Cloud Run service. The vulnerability, now patched byRead More →
First discovered on July 17, 2024, Lynx ransomware quickly made a name for itself by targeting high-profile U.S. companies and extorting millions in ransom payments. Built on the remnants ofRead More →
Two malicious Visual Studio Code (VSCode) extensions were recently discovered deploying early-stage ransomware, raising serious concerns about the security of Microsoft’s extension vetting process. Identified by cybersecurity firm ReversingLabs, theRead More →
In today’s interconnected digital ecosystem, organizations face an ever-expanding array of cybersecurity threats. Among the most persistent and dangerous are file-based attacks, which continue to evolve in sophistication and remainRead More →
A well-known hacking group called GreenCharlie (also known as APT42, TA453, or Mint Sandstorm) has set up new online infrastructure between January and February 2025, which is believed to beRead More →
A cybercriminal named “mr. Guram,” affiliated with the notorious “Ramp” group, has launched Mimic v.10, a new Ransomware-as-a-Service (RaaS) program, allowing hackers and Initial Access Brokers (IABs) to distribute ransomwareRead More →
On February 21, 2025, cybersecurity expert Jason Haddix, from Arcanum Information Security, released MSFTRecon—a powerful tool designed to scan Microsoft 365 and Azure for security loopholes, misconfigurations, and attack pathsRead More →
