2025

Sneaky Serpentine#Cloud slithers through Cloudflare tunnels to inject orgs with Python-based malware

Phishing, Python and RATs, oh my A sneaky malware campaign slithers through Cloudflare tunnel subdomains to execute in-memory malicious code and give unknown attackers long-term access to pwned machines.…

Iran’s internet goes offline for hours amid claims of ‘enemy abuse’

Bank and crypto outfits hit after Israeli commander mentioned attacks expanding to ‘other areas’ The government of Iran appears to have shut down the internet within its borders, perhaps in response to Israel-linked cyberattacks.…

Veeam patches third critical RCE bug in Backup & Replication in space of a year

Version 13 can’t come soon enough Veeam Backup & Replication users are urged to apply the latest patches that fix another critical bug leading to remote code execution (RCE) on backup servers.…

How to bridge the MFA gap

If a credential is worth protecting, it's worth protecting well. Sponsored feature  What do flossing and multi-factor authentication (MFA) have in common? Each is highly beneficial, yet far too few people do them consistently. MFA helps protect organizations from credential-based attacks, but according to the Cyber Readiness Institute,…

Amazon CISO: Iranian hacking crews ‘on high alert’ since Israel attack

Meanwhile, next-gen script kiddies are levelling up faster thanks to agentic AI Interview  Iran's state-sponsored cyber operatives and hacktivists have all increased their activities since the military conflict with Israel erupted last week – but not necessarily in the way that Amazon chief information security officer CJ Moses…

Trump administration set to waive TikTok sell-or-die deadline for a third time

Quick reminder: The law that banned the app is called ‘Protecting Americans from Foreign Adversary Controlled Applications Act’ The Trump administration is set to again waive the 2024 law that requires the made-in-China social network TikTok to either sell its US operations to a local company or stop…

AWS locks down cloud security, hits 100% MFA enforcement for root users

Plus adds a ton more security capabilities for cloud customers at re:Inforce Amazon Web Services hit a major multi-factor authentication milestone, achieving 100 percent MFA enforcement for root users across all types of AWS accounts.…

Sitecore CMS flaw let attackers brute-force ‘b’ for backdoor

Hardcoded passwords and path traversals keeping bug hunters in work Security researchers have issued a warning about a pre-authentication exploit chain affecting a CMS used by some of the biggest companies in the world.…

Redefining identity security in the age of agentic AI

Now AI agents have identity, too. Here's how to handle it Partner content  The rise of agentic AI systems is rewriting the rules of cybersecurity. Unlike generative AI, which relies on predefined instructions or prompts, AI agents operate autonomously, learn continuously, and act with minimal oversight. They collaborate…

23andMe hit with £2.3M fine after exposing genetic data of millions

Penalty follows year-long probe into flaws that allowed attack to affect so many The UK's data watchdog is fining beleaguered DNA testing outfit 23andMe £2.31 million ($3.13 million) over its 2023 mega breach.…

Copyright © 2026 Lugapel