Glide Identity Partners With Google Cloud and Major Telcos
Post Content
Threat Actor ‘JavaGhost’ Targets AWS Environments in Phishing Scheme
Palo Alto Networks’ Unit 42 details how a threat actor is dodging detection with careful targeting and the use of Amazon’s native email tools.
Serbian Police Hack Protester’s Phone With Cellebrite Exploit Chain
Amnesty International said Serbian police used an exploit chain in tandem with legitimate mobile extraction dongle from vendor Cellebrite in an attack that brings up questions around ethical technology development.
Jamf Buys Identity Automation, Expands IAM Capabilities
The $215 million acquisition will allow Jamf offer dynamic identity capabilities and device access in a single platform.
Researchers Link CACTUS Ransomware Tactics to Former Black Basta Affiliates
Threat actors deploying the Black Basta and CACTUS ransomware families have been found to rely on the same BackConnect (BC) module for maintaining persistent control over infected hosts, a sign that affiliates previously associated with Black Basta may have transitioned to CACTUS. “Once infiltrated, it grants attackers a wide range of remote control capabilities, allowing…
Why Cybersecurity Jobs Are Hard to Find Amid a Worker Shortage
The cybersecurity job market nowadays is facing an unusual paradox: Many roles seem open, but competition and hiring practices can make securing a position a real challenge.
VMware Security Flaws Exploited in the Wild—Broadcom Releases Urgent Patches
Broadcom has released security updates to address three actively exploited security flaws in VMware ESXi, Workstation, and Fusion products that could lead to code execution and information disclosure. The list of vulnerabilities is as follows – CVE-2025-22224 (CVSS score: 9.3) – A Time-of-Check Time-of-Use (TOCTOU) vulnerability that leads to an out-of-bounds write, which a malicious…
How New AI Agents Will Transform Credential Stuffing Attacks
Credential stuffing attacks had a huge impact in 2024, fueled by a vicious circle of infostealer infections and data breaches. But things could be about to get worse still with Computer-Using Agents, a new kind of AI agent that enables low-cost, low-effort automation of common web tasks — including those frequently performed by attackers. Stolen…
Suspected Iranian Hackers Used Compromised Indian Firm’s Email to Target U.A.E. Aviation Sector
Threat hunters are calling attention to a new highly-targeted phishing campaign that singled out “fewer than five” entities in the United Arab Emirates (U.A.E.) to deliver a previously undocumented Golang backdoor dubbed Sosano. The malicious activity was specifically directed against aviation and satellite communications organizations, according to Proofpoint, which detected it in late October