Blog

The malware loader known as MintsLoader has been used to deliver a PowerShell-based remote access trojan called GhostWeaver. “MintsLoader operates through a multi-stage infection chain involving obfuscated JavaScript and PowerShell scripts,” Recorded Future’s Insikt Group said in a report shared with The Hacker News. “The malware employs sandbox and virtual machine evasion techniques, a domain

A year after Microsoft announced passkeys support for consumer accounts, the tech giant has announced a big change that pushes individuals signing up for new accounts to use the phishing-resistant authentication method by default. “Brand new Microsoft accounts will now be ‘passwordless by default,’” Microsoft’s Joy Chik and Vasu Jakkal said. “New users will have…

This year’s top cyber challenges include cloud authorization sprawl, ICS cyberattacks and ransomware, a lack of cloud logging, and regulatory constraints keeping defenders from fully utilizing AI’s capabilities.

A panelist of SANS Institute leaders detailed current threats and provided actionable steps for enterprises to consider.

Real IDs have been in the works since 2005. Are their security standards still rigorous enough in 2025?

Microsoft has set May 5 as the deadline for bulk email compliance. In this Tech Tip, we show how organizations can still make the deadline.

Cybersecurity researchers have shed light on a new campaign targeting WordPress sites that disguises the malware as a security plugin. The plugin, which goes by the name “WP-antymalwary-bot.php,” comes with a variety of features to maintain access, hide itself from the admin dashboard, and execute remote code. “Pinging functionality that can report back to a…

A LevelBlue report looks at what goes into the security postures of a cyber-resilient organization, and found that AI is still a blind spot.

How one unreasonable client got lucky during a cyber incident, despite their unreasonable response to the threat.

How to make the most of the new features in Sophos Firewall v21.5.