ICYMI: 2025-05-01
Latest Headlines
Fake Security Plugin on WordPress Enables Remote Admin Access for Attackers
Why top SOC teams are shifting to Network Detection and Response
Claude AI Exploited to Operate 100+ Fake Political Personas in Global Influence Campaign
DarkWatchman, Sheriff Malware Hit Russia and Ukraine with Stealth and Nation-Grade Tactics
Commvault Confirms Hackers Exploited CVE-2025-3928 as Zero-Day in Azure Breach
SonicWall Confirms Active Exploitation of Flaws Affecting Multiple Appliance Models
Year of the Twin Dragons: Developers Must Slay the Complexity and Security Issues of AI Coding Tools
Commvault Shares IoCs After Zero-Day Attack Hits Azure Environment
Actions Over Words: Career Lessons for the Security Professional
Ascension Discloses Data Breach Potentially Linked to Cleo Hack
SentinelOne Targeted by North Korean IT Workers, Ransomware Groups, Chinese Hackers
Strengthening Cybersecurity Governance – CISO Best Practices
Nitrogen Ransomware Actors Attacking Organization With Cobalt Strike & Erases Log Data
New Remote Desktop Puzzle Let Hackers Exfiltrate Sensitive Data From Organization
Researchers Uncovered Threat Actors TTP Patterns & Role in DNS in Investment Scams
New WordPress Malware as Anti-Malware Plugin Take Full Control of Website
Cybercriminals Deceive Tenants into Redirecting Rent Payments to Fraudulent Accounts
Researchers Find Way to Bypass Phishing-Resistant MFA in Microsoft Entra ID
New Powerful Nullpoint-Stealer With Extensive Capabilities Hosted on GitHub
Hacker ‘NullBulge’ pleads guilty to stealing Disney’s Slack data
Pro-Russia hacktivists bombard Dutch public orgs with DDoS attacks
Malicious PyPI packages abuse Gmail, websockets to hijack systems
Hackers abuse IPv6 networking feature to hijack software updates
– MTZ