Cybersecurity & Tech Innovation parent category
‘Vane Viper’ Threat Group Tied to PropellerAds, Commercial Entities Summary Infoblox research reveals that a long-running cybercrime operation dubbed “Vane Viper” is tightly linked to PropellerAds and its parent AdTech Holding. The operation uses hundreds of thousands of compromised sites and malicious advertising to redirect users into exploit kits, malware droppers, botnets, scams and ransomware. […]
Innovative FileFix Phishing Attack Proves Plenty Potent Summary This article from Dark Reading describes a sophisticated, globe-spanning phishing campaign built on the recently publicised FileFix technique. Attackers have rapidly weaponised FileFix—an evolution of ClickFix—using convincing brand impersonation (notably Facebook/Meta), heavy code obfuscation, and steganography to smuggle additional payloads inside images. The final payload often deploys […]
Emerging Yurei Ransomware Claims First Victims Summary Yurei is a recently observed ransomware operator that has already leaked stolen data from several victims, including Sri Lanka’s MidCity Marketing, and additional targets in India and Nigeria. Researchers at Check Point say Yurei uses a lightly modified variant of the open-source Prince-Ransomware (written in Go), which lowers […]
Self-Replicating ‘Shai-hulud’ Worm Targets NPM Packages Summary Shai-hulud is a newly observed self-replicating worm that has infected hundreds of NPM packages. First detected by ReversingLabs on 15 September 2025, the worm installs an info-stealer that harvests tokens, credentials and secrets from developer environments, then uses stolen NPM access to publish poisoned versions of other packages […]
North Korean Group Targets South With Military ID Deepfakes Summary The North Korea-linked APT group Kimsuky has been using generative AI, including ChatGPT, to create deepfaked South Korean military ID documents as part of tailored social‑engineering campaigns aimed at journalists, researchers and human‑rights activists. Genians, a South Korean cybersecurity firm, analysed the campaign and found […]
Critical Bugs in Chaos Mesh Enable Cluster Takeover Summary Researchers at JFrog discovered four vulnerabilities in the Chaos Mesh chaos-engineering platform that can be chained to take over Kubernetes clusters. Dubbed “Chaotic Deputy,” three of the flaws (CVE-2025-59360, CVE-2025-59361, CVE-2025-59359) are critical command-injection issues (CVSS 9.8) allowing execution of arbitrary OS commands on pods; the […]
Court approves $43M settlement in Disney gender pay discrimination case Summary A Los Angeles state judge has given final approval to a $43.25 million class-action settlement against The Walt Disney Co., resolving claims that the company underpaid women, passed them over for promotions and assigned unpaid extra work. Disney has maintained its employment policies are […]
How Customer Advisory Boards Supercharge Account-Based Marketing in 2025 Summary The article argues that 2025 is a year when Account-Based Marketing (ABM) becomes the pragmatic choice for B2B marketers facing tighter budgets and the need for measurable ROI. Customer Advisory Boards (CABs) are presented as powerful accelerants for ABM: they help marketers profile customers, decode […]
‘Lies-in-the-Loop’ Attack Defeats AI Coding Agents Summary Researchers at Checkmarx Zero demonstrated a new prompt-injection vector called “lies-in-the-loop” (LITL) that tricks AI coding agents — demonstrated against Anthropic’s Claude Code — into executing dangerous commands by lying to the agent and to the human reviewer. The team used seemingly benign commands (for example, launching the […]
AI Customer Support Explained: Benefits, Use Cases and Pitfalls to Avoid Summary AI is moving customer support from a reactive, labour‑intensive operation to a proactive, data‑driven function. Modern solutions — from conversational chatbots to real‑time sentiment analysis and agent assist tools — augment human agents by handling repetitive tasks, surfacing context and enabling quicker, more […]
