IntroductionAPT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima) is a North Korean-aligned threat actor active since at least 2012. APT37 primarily targets South Korean individuals ...

WhatsApp flaw exploited in targeted spyware attacks, Microsoft mandates Azure MFA, Nissan hit by Qilin ransomware, Baltimore loses $1.5M in fraud, and FreePBX CVSS 10 flaw under attack.

Donncha Ó Cearbhaill, the head of Amnesty International’s security lab, suggested attackers used the flaws in a highly ...

Microsoft will mandate Multi-Factor Authentication (MFA) for Azure CLI, PowerShell, and APIs starting Oct 1, 2025, to enhance ...

Starting in October, Microsoft will enforce multi-factor authentication (MFA) for all Azure resource management actions to protect Azure clients from unauthorized access attempts.

Abstract: Representational state transfer application programming interfaces (REST APIs) are an indispensable building block in today’s cloud-native applications. However, testing REST APIs is ...

Cybersecurity researchers are calling attention to a new phishing campaign that employs the ClickFix technique to deliver an open-source command-and-control (C2) framework called Havoc. "The threat ...

The North Korea-linked threat actor known as Kimsuky has been observed using a new tactic that involves deceiving targets into running PowerShell as an administrator and then instructing them to paste ...