The campaign infected devices in the US and Southeast Asia to build an operational relay box (ORB) network for use as an extensive cyber-espionage infrastructure.
Author: Rob Wright
AWS Enhances Cloud Security With Better Visibility Features
At this week’s re:Inforce 2025 conference, the cloud giant introduced new capabilities to several core security products to provide customers with better visibility and more context on potential threats.
Threat Actor Abuses TeamFiltration for Entra ID Account Takeovers
Proofpoint researchers discovered a large-scale campaign using the open source penetration-testing framework that has targeted more than 80,000 Microsoft accounts.
ConnectWise to Rotate Code-Signing Certificates
The move is unrelated to a recent nation-state attack the vendor endured but stems from a report by a third-party researcher.
Mirai Botnets Exploit Flaw in Wazuh Security Platform
The two campaigns are good examples of the ever-shrinking time-to-exploit timelines that botnet operators have adopted for newly published CVEs.
‘PathWiper’ Attack Hits Critical Infrastructure In Ukraine
Cisco Talos researchers observed the new wiper malware in a destructive attack against an unnamed critical infrastructure organization.
Questions Swirl Around ConnectWise Flaw Used in Attacks
ConnectWise issued a patch to stave off attacks on ScreenConnect customers, but the company’s disclosures don’t explain what the vulnerability is and when it was first exploited.
ConnectWise Breached, ScreenConnect Customers Targeted
The software company, which specializes in remote IT management, said a "sophisticated nation state actor" was behind the attack but provided few details.
Zscaler’s Buyout of Red Canary Shows Telemetry’s Value
Red Canary’s MDR portfolio complements Zscaler’s purchase last year of Israeli startup Avalor, which automates collection, curation, and enrichment of security data.