Cyber Due Diligence
APT ‘Bronze Butler’ Exploits Zero-Day to Root Japan Orgs
A critical security issue in a popular endpoint manager (CVE-2025-61932) allowed Chinese state-sponsored attackers to backdoor Japanese...
Nikkei Suffers Breach Via Slack Compromise
The Japanese media giant said thousands of employee and business partners were impacted by an attack that compromised Slack account dat...
Operational Technology Security Poses Inherent Risks for Manufacturers
Despite increased awareness, manufacturers continue to face an onslaught of attacks.
Critical Site Takeover Flaw Affects 400K WordPress Sites
Attackers are already targeting a vulnerability in the Post SMTP plug-in that allows them to fully compromise an account and website fo...
Risk ‘Comparable’ to SolarWinds Incident Lurks in Popular Software Update Tool
Some of the world's biggest technology companies use a program liable to introduce malware into their software. The potential consequen...
Closing the AI Execution Gap in Cybersecurity — A CISO Framework
CISOs must navigate five critical dimensions of AI in cybersecurity: augmenting security with AI, automating security with AI, protecti...
Iran’s Elusive "SmudgedSerpent’ APT Phishes Influential US Policy Wonks
Iran is spying on American foreign policy influencers. But exactly which of its government's APTs is responsible remains a mystery.
Kimsuky Debuts HTTPTroy Backdoor Against South Korea Users
The well-known North Korean threat group continues to improve the obfuscation and anti-analysis features of its attack toolchain.
AI App Spending Report: Where Are the Security Tools?
An analysis of startup firms' spending on AI applications finds the top categories to be productivity and content-generation. Security?...
Pro-Russian Hackers Use Linux VMs to Hide in Windows
A threat actor known as "Curly COMrades" is using Linux VMs to remain undetected in Windows environments while conducting Russia-aligne...