Blog - inionline.net

Blog

Hackers Weaponize Windows Hyper-V to Hide Linux VM and Evade EDR Detection

The threat actor known as Curly COMrades has been observed exploiting virtualization technologies as a way to bypass security solutions and execute custom malware. According to a new report from Bitdefender, the adversary is said to have enabled the Hyper-V role on selected victim systems to deploy a minimalistic, Alpine Linux-based virtual machine. “This hidden…

Blog

APT ‘Bronze Butler’ Exploits Zero-Day to Root Japan Orgs

A critical security issue in a popular endpoint manager (CVE-2025-61932) allowed Chinese state-sponsored attackers to backdoor Japanese businesses.

Blog

Nikkei Suffers Breach Via Slack Compromise

The Japanese media giant said thousands of employee and business partners were impacted by an attack that compromised Slack account data and chat histories.

Blog

Faster, safer, stronger: Sophos Firewall v22 security enhancements

Hardened kernel, remote integrity monitoring, an enhanced anti-malware engine, and more.

Blog

5 ways to strengthen your firewall and endpoint’s defenses against ransomware

Sophos Firewall uses intelligent TLS inspection and AI-powered analysts to reveal hidden threats — without compromising performance.

Blog

Operational Technology Security Poses Inherent Risks for Manufacturers

Despite increased awareness, manufacturers continue to face an onslaught of attacks.

Blog

Google Uncovers PROMPTFLUX Malware That Uses Gemini AI to Rewrite Its Code Hourly

Google on Wednesday said it discovered an unknown threat actor using an experimental Visual Basic Script (VB Script) malware dubbed PROMPTFLUX that interacts with its Gemini artificial intelligence (AI) model API to write its own source code for improved obfuscation and evasion. “PROMPTFLUX is written in VBScript and interacts with Gemini’s API to request specific…

Blog

Detecting fraudulent North Korean hires: A CISO playbook

Has a North Korean threat actor applied for a position at your organization, or even been hired? We’re sharing a toolkit to help you detect and avoid that risk.

Blog

Critical Site Takeover Flaw Affects 400K WordPress Sites

Attackers are already targeting a vulnerability in the Post SMTP plug-in that allows them to fully compromise an account and website for nefarious purposes.

Blog

Researchers Find ChatGPT Vulnerabilities That Let Attackers Trick AI Into Leaking Data

Cybersecurity researchers have disclosed a new set of vulnerabilities impacting OpenAI’s ChatGPT artificial intelligence (AI) chatbot that could be exploited by an attacker to steal personal information from users’ memories and chat histories without their knowledge. The seven vulnerabilities and attack techniques, according to Tenable, were found in OpenAI’s GPT-4o and GPT-5 models. OpenAI has