Search results for: “network security”
-
The Enterprise Browser: A New Cyber Frontier, Report Warns
A new report highlights a critical shift in the landscape of enterprise cybersecurity, positing that the user’s browser has become a convergence point for significant identity, SaaS, and AI-related risks, often evading the purview of traditional security measures.
-
QNAP Issues Urgent Updates for Critical NAS Vulnerabilities Exposed at Pwn2Own
QNAP has issued a series of critical security updates following the discovery of eight severe vulnerabilities, enabling remote attackers to gain complete control over affected NAS systems.
-
Mozilla Unveils Enterprise Support Program for Firefox
Mozilla has launched a new paid support program for businesses and institutional users of its Firefox web browser, offering dedicated technical assistance and extended stability. This initiative aims to expand Firefox’s presence in corporate IT infrastructures by providing features like long-term support versions and prioritized security patches.
-
China-Linked Hackers Exploit Legacy Flaws and IIS Servers in Global Espionage Surge
Chinese state-linked cyber actors are increasingly leveraging well-known vulnerabilities and exploiting server misconfigurations to establish enduring footholds within critical networks globally, according to recent reports from cybersecurity researchers.
-
Bulgaria Seeks State Control Over Key Lukoil Refinery Amid U.S. Sanctions
Bulgaria’s parliament has enacted new legislation to place the nation’s largest oil refinery, Lukoil Neftochim Burgas, under state control, a direct response to recent U.S. sanctions targeting the Russian energy giant over its war in Ukraine. The move aims to avert a potential shutdown of the crucial Balkan facility.
-
Chinese State-Backed Hackers Weaponize Old Software Flaws for Global Espionage
Chinese state-backed hackers are exploiting old software vulnerabilities like Log4j and Microsoft IIS for global espionage, bypassing advanced defenses. This highlights the critical need for rigorous patch management against seemingly dated flaws.
-
Hidden “Logic Bombs” Found in Popular Software Packages, Threatening Future Industrial Sabotage and Data Corruption
Security researchers have uncovered a new wave of ‘logic bombs’ hidden within commonly used software, designed to disrupt critical industrial systems and corrupt databases, posing significant challenges for detection and forensic investigation.
-
SesameOp Backdoor Leverages OpenAI API for Stealthy Command and Control
Microsoft has identified a novel backdoor, dubbed “SesameOp,” that utilizes OpenAI’s Assistants API as a command-and-control (C2) channel. This sophisticated technique allows threat actors to stealthily orchestrate malicious activities within compromised environments, potentially evading traditional security measures.
-
U.S. Prosecutors Indict Three in BlackCat Ransomware Scheme
Federal prosecutors in the United States have indicted three individuals for allegedly operating as part of a BlackCat (ALPHV) ransomware operation, targeting five U.S. companies and extorting significant sums.
-
SleepyDuck Malware Evolves with Ethereum C2 Resilience
A new sophisticated remote access trojan, dubbed “SleepyDuck,” has been discovered in the Open VSX registry, a marketplace for IDE extensions. Initially published as a benign extension on October 31, 2025, it was updated on November 1, 2025, to include malicious capabilities and has since garnered over 14,000 downloads.