Author: Staff Writer

John Marcelli is a staff writer for the CISO Brief, with a passion for exploring and writing about the ever-evolving world of technology. From emerging trends to in-depth reviews of the latest gadgets, John stays at the forefront of innovation, delivering engaging content that informs and inspires readers. When he's not writing, he enjoys experimenting with new tech tools and diving into the digital landscape.

Shadow AI is now widespread within organisations, with its use often going unmonitored. AI adoption is accelerating faster than security teams can keep up, leading to sensitive data being exposed—and in many cases, there’s no clear ownership of AI risk. Even security teams are going rogue with AI. In a survey of over 500 cybersecurity professionals at RSA Conference and InfoSecurity Europe 2025, AI security testing company Mindgard uncovered a striking trend: security staff are using AI without approval. This rise in Shadow AI is creating a serious blind spot inside the very teams meant to protect the enterprise. Shadow AI refers…

Top Highlights

Malware Campaign: Securonix has identified a malware distribution campaign named Serpentine#Cloud that exploits Cloudflare Tunnel to host malicious payloads on attacker-controlled subdomains.

Complex Infection Chain: The attack uses a sophisticated infection chain involving LNK files and obfuscated scripts to deploy a Python-based loader, which executes a Donut-packed PE payload in memory.

Evolving Delivery Methods: Initially using URL files, the campaign has pivoted to employing BAT files in ZIP archives and, more recently, LNK files disguised as PDFs delivered through phishing emails themed around payments and invoices.

Abuse of Cloudflare: The use of Cloudflare tunnels allows attackers to maintain…

Fast Facts

Trojanized Repositories Alert: Over 67 new GitHub repositories masquerading as Python hacking tools have been discovered, delivering trojanized payloads instead, part of a campaign called "Banana Squad" by ReversingLabs.

Targeting Vulnerable Users: These repositories primarily target users searching for game cheats and account management tools, exploiting their needs for hacked software to spread malware.

Growing Supply Chain Threats: The rise of malware in open-source repositories signifies an alarming trend in software supply chain attacks, emphasizing the necessity for developers to validate the software they use.

Broader Malicious Activities: Research also indicates a larger "Distribution-as-a-Service" ecosystem, with multiple campaigns…

Essential Insights

Data Breach Impact: Krispy Kreme’s ransomware attack in late 2024 affected over 161,000 individuals, primarily current and former employees and their families, with nearly 7,000 Texans impacted.

Ransomware Group Involvement: The Play ransomware group claimed responsibility for the cyberattack, stealing 184 GB of sensitive data which was leaked after Krispy Kreme reportedly declined to pay a ransom.

Compromised Information: The breach included extensive personal data such as names, Social Security numbers, financial information, and medical records, raising serious privacy concerns.

Financial Losses: Krispy Kreme estimated losses exceeding $11 million due to the incident in fiscal 2024, with expectations…

Summary Points

Cyberattack Incident: Oxford City Council experienced a cyberattack over the weekend of June 7-8, leading to potential compromise of personal information of current and former employees.

System Disruption: Core systems were taken offline for security checks, causing service disruptions, but most impacted systems have now been restored.

Compromised Data: Personal details of individuals who worked on council-administered elections from 2001 to 2022 may have been accessed, although there’s no evidence of mass data extraction.

Preventive Measures: The council is actively investigating the breach, has contacted affected individuals, and is working with law enforcement to prevent future incidents.

Key…

Artificial Intelligence (AI) and machine learning are transforming the cybersecurity landscape with innovative solutions designed to navigate the complexities of our digital world. As cyber attacks become increasingly frequent and sophisticated, organizations are leveraging AI-powered cybersecurity solutions to bolster their defenses. Join us for an enlightening webinar featuring Aidan Holland, a Censys Security Researcher, who will guide you through the transformative potential of generative AI in cybersecurity. This session introduces CensysGPT, a groundbreaking tool revolutionizing threat hunting and research. Aidan will demonstrate how CensysGPT, with its unique AI and machine learning capabilities, facilitates natural language queries, translates competitor searches, and…

Top Highlights

No New Breach: The recent "mother of all breaches" is not a new data breach; it’s a compilation of previously stolen credentials from infostealers and data breaches, circulating for years and repackaged by cybersecurity firms or cybercriminals.

Infostealer Malware: Infostealers are a significant threat, capturing and storing vast amounts of user credentials from compromised devices, which are then sold or used in further attacks.

Credential Availability: Over 64,000 credential pairs have been shared freely online, contributing to billions of leaked records and compounding the ongoing cybersecurity risk.

Best Practices: Users should scan for malware, adopt strong, unique passwords,…

Quick Takeaways

Cyberattack Details: Viasat has become a target of China’s Salt Typhoon cyber-espionage group, following previous breaches of multiple telecom providers globally, including AT&T and Verizon.

Impact Assessment: Despite discovering the breach earlier this year, Viasat claims no evidence suggests customer impact, and the incident has been remediated with close coordination with federal authorities.

Historical Context: This breach follows a significant cyberattack on Viasat’s KA-SAT service in February 2022, which affected thousands of customers and vital infrastructure shortly before Russia’s invasion of Ukraine.

Ongoing Threat: Salt Typhoon has been actively targeting telecom companies since 2019, exploiting vulnerabilities in unpatched…

Fast Facts

Key Threats Highlighted: The 2025 Verizon Data Breach Investigations Report reveals that credential theft and phishing remain dominant attack methods, while ransomware threats are escalating, underscoring the need for improved security measures.

GenAI Risks: 72% of GenAI logins occur via personal identities, with 60% lacking single sign-on (SSO), which poses significant vulnerabilities; only 11% of connections use fully secured corporate identities with enforced SSO.

Inadequate Legacy Solutions: Many enterprises depend on outdated security solutions that fail to provide adequate visibility and agility against modern threats, necessitating an evolution in cybersecurity strategies.

Webinar Insights: LayerX is hosting a session…

Top Highlights

Credential-based Attacks Rising: Cybercriminals increasingly exploit stolen credentials to access networks, bypassing the need for zero-day vulnerabilities.

Webinar Insights: A webinar titled "Stolen Credentials: The New Front Door to Your Network" will address the mechanics of these attacks and prevention strategies, featuring identity security expert Darren Siegel from Specops Software.

Infostealer Malware Impact: Infostealer campaigns have surged, compromising billions of credentials and fueling a profitable cybercrime market, where stolen credentials can be purchased cheaply.

Defensive Strategies: The webinar will cover effective methods for detecting compromised accounts, bypassing MFA, and enhancing identity security to thwart lateral movement in networks.…
