Cyber News & Articles

In the newly released 2025 State of Pentesting Report, Pentera surveyed 500 CISOs from global enterprises (200 from within the USA) to understand the strategies, tactics, and tools they use to cope with the thousands of security alerts, the persisting breaches and the growing cyber risks they have to handle. The findings reveal a complex picture of progress, challenges, and a shifting mindset

Threat hunters have exposed the tactics of a China-aligned threat actor called UnsolicitedBooker that targeted an unnamed international organization in Saudi Arabia with a previously undocumented backdoor dubbed MarsSnake.
ESET, which first discovered the hacking group’s intrusions targeting the entity in March 2023 and again a year later, said the activity leverages spear-phishing emails using

Eric Council Jr. pleaded guilty to charges related to the January 2024 hack of the US Securities and Exchange Commission’s (SEC) Twitter account, which saw a fake announcement about the Bitcoin cryptocurrency posted to its followers.

Read more in my article on the Hot for Security blog.

Cybersecurity researchers are calling attention to a new Linux cryptojacking campaign that’s targeting publicly accessible Redis servers.
The malicious activity has been codenamed RedisRaider by Datadog Security Labs.
“RedisRaider aggressively scans randomized portions of the IPv4 space and uses legitimate Redis configuration commands to execute malicious cron jobs on vulnerable systems,”

Cybersecurity researchers have uncovered malicious packages uploaded to the Python Package Index (PyPI) repository that act as checker tools to validate stolen email addresses against TikTok and Instagram APIs.
All three packages are no longer available on PyPI. The names of the Python packages are below –

checker-SaGaF (2,605 downloads)
steinlurks (1,049 downloads)
sinnercore (3,300 downloads)

The official site for RVTools has been hacked to serve a compromised installer for the popular VMware environment reporting utility.
“Robware.net and RVTools.com are currently offline. We are working expeditiously to restore service and appreciate your patience,” the company said in a statement posted on its website.
“Robware.net and RVTools.com are the only authorized and supported websites for

Several ransomware actors are using a malware called Skitnet as part of their post-exploitation efforts to steal sensitive data and establish remote control over compromised hosts.
“Skitnet has been sold on underground forums like RAMP since April 2024,” Swiss cybersecurity company PRODAFT told The Hacker News. “However, since early 2025, we have observed multiple ransomware operators using it

Bloomin’ eck!

I’m delighted to share with you that “The AI Fix” is up for an award!

Continuous Threat Exposure Management (CTEM) has moved from concept to cornerstone, solidifying its role as a strategic enabler for CISOs. No longer a theoretical framework, CTEM now anchors today’s cybersecurity programs by continuously aligning security efforts with real-world risk.
At the heart of CTEM is the integration of Adversarial Exposure Validation (AEV), an advanced, offensive

Mozilla has released security updates to address two critical security flaws in its Firefox browser that could be potentially exploited to access sensitive data or achieve code execution.
The vulnerabilities, both of which were exploited as a zero-day at Pwn2Own Berlin, are listed below –

CVE-2025-4918 – An out-of-bounds access vulnerability when resolving Promise objects that could allow an