Security researchers have recently uncovered a devious malware campaign that employs fake CAPTCHA and “prove you’re human” screens on spoofed websites, most notably imitations of the Gitcodes and DocuSign platforms.
The carefully orchestrated campaign tricks users into executing malicious PowerShell scripts, ultimately installing NetSupport...
As organizations face an increasingly complex threat landscape and accelerate digital transformation, Chief Information Security Officers (CISOs) are stepping beyond their traditional technical domains to become central figures in enterprise-wide strategy.
The modern CISO is no longer just a guardian of firewalls and...
A new proof-of-concept exploit targeting CVE-2025-31650 in Apache Tomcat versions 10.1.10-10.1.39 has been publicly released, demonstrating a critical HTTP/2 priority header vulnerability that enables memory exhaustion attacks.
The exploit leverages malformed header injection to trigger catastrophic memory leaks in Tomcat's HTTP/2 implementation.
Exploit Mechanism and Technical Analysis
The...
Netskope Threat Labs tracked an alarming surge in phishing activity leveraging the Glitch web app platform. Attackers exploited Glitch’s free hosting and instant deployment features to launch hundreds of unique phishing sites, targeting over 830 organizations and compromising data from more than 3,000 individuals....
Cybersecurity experts have recently identified a surge in attacks leveraging new, advanced variants of the open-source remote administration tool known as Chaos RAT.
Originally crafted as a legitimate remote management utility, Chaos RAT has been increasingly hijacked by cybercriminals to target Linux and Windows...
On June 4, 2025, the U.S. Cybersecurity and Infrastructure Security Agency (CISA), in partnership with the FBI and the Australian Cyber Security Centre (ACSC), released an extensive update to its #StopRansomware advisory on the Play ransomware group.
With over 900 reported victims as of...