Safe Events Start With Threat Intel and Digital Security
Planning ahead to defend against cyber threats is the work that keeps events uneventful.
Planning ahead to defend against cyber threats is the work that keeps events uneventful.
Digital transformation has revolutionized industries with critical infrastructure — but it has also introduced new vulnerabilities.
What is the Attack? A sophisticated nation-state actor gained long-term access to F5’s corporate networks and exfiltrated files from BIG-IP product development and engineering knowledge-management systems, including portions of BIG-IP source code and information about previously undisclosed vulnerabilities. F5 has released security updates and advisories covering affected products. The stolen data could accelerate exploit development…
Multi-factor authentication (MFA) has quickly become the standard for securing business accounts. Once a niche security measure, adoption is on the rise across industries. But while it’s undeniably effective at keeping bad actors out, the implementation of MFA solutions can be a tangled mess of competing designs and ideas. For businesses and employees, the reality…
A Chinese-speaking threat actor tracked as UAT-6382 has been linked to the exploitation of a now-patched remote-code-execution vulnerability in Trimble Cityworks to deliver Cobalt Strike and VShell. “UAT-6382 successfully exploited CVE-2025-0944, conducted reconnaissance, and rapidly deployed a variety of web shells and custom-made malware to maintain long-term access,” Cisco Talos researchers
Threat actors are leveraging bogus installers masquerading as popular software to trick users into installing malware as part of a global malvertising campaign dubbed TamperedChef. The end goal of the attacks is to establish persistence and deliver JavaScript malware that facilitates remote access and control, per a new report from Acronis Threat Research Unit (TRU)….
GitHub has rolled out new controls for npm to improve the security of the software supply chain, giving maintainers the ability to explicitly approve a release prior to the packages becoming publicly available for installation. Called staged publishing, the feature is now generally available on npm. It mandates that a human maintainer pass a two-factor…