Federal Cuts Put Local, State Agencies at Cyber-Risk

Summary: Cybercriminals and nation-state actors are increasingly targeting state and local governments, just as federal cybersecurity funding and staffing that once supported those jurisdictions are being cut. Recent high-profile incidents — including ransomware hits on Nevada and the City of St. Paul, attacks on tribal and state […]

Secretive MaaS Group ‘TAG-150’ Develops Novel ‘CastleRAT’

Summary: Researchers have uncovered a relatively new but effective malware-as-a-service (MaaS) operation labelled TAG-150 that centres on a loader (CastleLoader) and an expanding ecosystem often called CastleBot. The operation has been linked to more than 1,600 distribution events with roughly 470 confirmed infections and disproportionately affects US-based and […]

Anyone Using Agentic AI Needs to Understand Toxic Flows

Summary: Agentic AI — systems that act autonomously and chain tools together — is being pushed across enterprises as a productivity lifeline. But researchers warn of a new class of security risk called “toxic flows”: dangerous sequences of interactions between agents, connectors (like MCP servers), enterprise […]

The Critical Failure in Vulnerability Management

Summary: The article argues that vulnerability management (VM) is failing to deliver true security because the market focused on finding issues rather than fixing them. Vendors grew by scaling detection and reporting, creating scan fatigue and a backlog of unresolved risks. Cloud-focused shifts help in controlled environments but leave […]

45 New Domains Linked to Salt Typhoon, UNC4841

Summary: Researchers at Silent Push uncovered 45 previously unreported domains tied to China‑backed threat actors Salt Typhoon and UNC4841. The domains, some registered as far back as 2020, were created using fake personas, addresses and ProtonMail accounts and were used to enable long‑term, stealthy access for cyber‑espionage […]

Salesloft Breached via GitHub Account Compromise

Summary: A threat actor tracked as UNC6395 compromised Salesloft’s GitHub account earlier this year, exfiltrated repository data and used information gathered to move into Drift’s AWS environment. The attacker stole OAuth tokens tied to Drift integrations and abused them to access hundreds of customers’ Salesforce instances and other integrated […]

SentinelOne Announces Plans to Acquire Observo AI

Summary: Threat detection vendor SentinelOne has announced plans to acquire Observo AI to strengthen its AI SIEM and security data capabilities. Observo, founded in 2022, provides an AI-native telemetry pipeline that ingests, summarises and routes security and observability data in real time to security and DevSecOps teams. SentinelOne […]

‘MostereRAT’ Malware Blends In, Blocks Security Tools

Summary: Fortinet’s FortiGuard Labs has detailed a new campaign using a banking-malware-turned-RAT tracked as MostereRAT. The threat targets Windows users (so far observed in Japan) via phishing that drops a weaponised Word document which stages and executes encrypted payloads in multiple phases. The malware uses the uncommon Easy […]
