Latest Threat Intel

Scattered Spider hackers have been aggressively targeting virtualized environments by attacking VMware ESXi hypervisors at U.S. companies in the retail, airline, transportation, and insurance sectors. According to the Google Threat Intelligence Group (GITG), the attackers keep employing their usual tactics that do not include vulnerability exploits but rely on perfectly executed social engineering “to bypass even

More than 200,000 WordPress websites are using a vulnerable version of the Post SMTP plugin that allows hackers to take control of the administrator account. Post SMTP is a popular email delivery plugin for WordPress that counts more than 400,000 active installations. It’s marketed as a replacement of the default ‘wp_mail()’ function that is more

Article written by cybersecurity expert Yuriy Tsibere. Gone are the days when cybersecurity meant stopping annoying viruses like the Love Bug. Today, it’s about battling a massive, financially motivated cybercrime industry. Attacks are smarter, faster, and more damaging—and that changes everything for product teams. For product managers (PMs), this means understanding that attackers are constantly

Mitel Networks has released security updates to patch a critical-severity authentication bypass vulnerability impacting its MiVoice MX-ONE enterprise communications platform. MX-ONE is the company’s SIP-based communications system, which can scale to support hundreds of thousands of users. The critical security flaw is due to an improper access control weakness discovered in the MiVoice MX-ONE Provisioning

Unknown threat actors have reportedly breached the National Nuclear Security Administration’s network in attacks exploiting a recently patched Microsoft SharePoint zero-day vulnerability chain. NNSA is a semi-autonomous U.S. government agency part of the Energy Department that maintains the country’s nuclear weapons stockpile and is also tasked with responding to nuclear and radiological emergencies within the

Cisco is warning that three recently patched critical remote code execution vulnerabilities in Cisco Identity Services Engine (ISE) are now being actively exploited in attacks. Although the vendor did not specify how they were being exploited and whether they were successful, applying the security updates as soon as possible is now critical. “In July 2025, the

The House of Dior (Dior) is sending data breach notifications to U.S. customers informing them that a May cybersecurity incident compromised their personal information. Dior is a French luxury fashion house, part of the LVMH (Moët Hennessy Louis Vuitton) group, which is the world’s largest luxury conglomerate. The Dior brand alone generates an annual revenue of

A PoisonSeed phishing campaign is bypassing FIDO2 security key protections by abusing the cross-device sign-in feature in WebAuthn to trick users into approving login authentication requests from fake company portals. The PoisonSeed threat actors are known to employ large-volume phishing attacks for financial fraud. In the past, distributing emails containing crypto seed phrases used to drain cryptocurrency

Popular JavaScript libraries were hijacked this week and turned into malware droppers, in a supply chain attack achieved via targeted phishing and credential theft. The npm package eslint-config-prettier, downloaded over 30 million times weekly, was compromised after its maintainer fell victim to a phishing attack. Another package eslint-plugin-prettier from the same maintainer was also targeted. The attacker(s) used