CrowdStrike announces elimination of 500 jobs as it strategically shifts to AI.

CrowdStrike, a leading cybersecurity company, announced in May 2025 that it would cut about 500 jobs, or roughly 5% of its global workforce, as part of a strategic shift to realign its operations and invest more heavily in artificial intelligence (AI). This move comes despite the company reporting significant revenue growth—29% year-over-year, reaching nearly $4 billion for fiscal year 2025—and a strong position in its core market, though it did post a net loss after a previous year of profitability.
XBOW achieves a groundbreaking milestone as the first AI system to surpass human hackers in the HackerOne competition.

XBOW has made history by becoming the first autonomous artificial intelligence to reach the top of the United States HackerOne leaderboard as a vulnerability researcher. In 2025, XBOW’s AI-driven penetration testing tool surpassed all human participants on the platform, marking the first time an autonomous system has achieved this feat in the bug bounty community.
Iranian state-sponsored APT35 is intensifying AI-powered attacks against Israeli tech experts.

Iranian state-sponsored hackers linked to APT35 (also tracked as Charming Kitten, Mint Sandstorm, or Educated Manticore) have intensified spear-phishing campaigns targeting Israeli technology experts, cybersecurity professionals, journalists, and academics since mid-June 2025. These attacks escalated following Israeli airstrikes against Iran and leverage AI-generated content for social engineering.
CISA has added three crucial security flaws to KEV, highlighting vulnerabilities in AMI MegaRAC, D-Link routers, and FortiOS (hardcoded credentials).

On Wednesday, June 26, 2025, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added three significant security flaws to its Known Exploited Vulnerabilities (KEV) catalog. These vulnerabilities are actively being exploited in the wild and pose serious risks to affected systems.
Energy sector is being targeted with malware that exploits Microsoft’s ClickOnce deployment on AWS cloud services.

A sophisticated hacking campaign dubbed “OneClik” is exploiting Microsoft’s ClickOnce deployment technology and AWS cloud services to stealthily target organizations in the energy, oil, and gas sectors. Attackers initiate the attack through phishing emails containing links to fake “hardware analysis” sites hosted on Azure Blob Storage. These sites deliver a ClickOnce manifest (.application file) disguised as legitimate software.
Hundreds of misconfigured MCP servers (used to connect LLMs with third-party services) have exposed critical security flaws.

Hundreds of Model Context Protocol (MCP) servers used to connect LLMs with third-party services, data sources, and tools contain critical security flaws in their default configurations. These vulnerabilities expose users to unauthorized operating system command execution, data breaches, and systemic compromise. Below is a detailed analysis of the risks and mitigation strategies.
Researchers discover new wave of malicious npm (Node Package Manager) packages planted by North Korean state-sponsored actors.

Cybersecurity researchers have recently identified a new wave of malicious npm (Node Package Manager) packages tied to the ongoing “Contagious Interview” operation, which is attributed to North Korean state-sponsored threat actors. This campaign specifically targets software developers who are actively seeking employment, leveraging the trust and routine practices of the tech hiring process.
Researchers find old OAuth vulnerabilities continue to threaten thousands of SaaS applications.

Recent research reveals that despite being disclosed in June 2023, the nOAuth vulnerability continues to threaten thousands of SaaS applications. Semperis’s June 2025 findings indicate that over 15,000 enterprise SaaS apps remain exposed to this authentication flaw in Microsoft Entra ID, enabling attackers to hijack user accounts with minimal effort.
Newly emerged ransomware group, Dire Wolf, has already claimed 16 victims in just one month.

Dire Wolf is a newly emerged ransomware group first observed in May 2025, already making a significant impact with targeted attacks against organizations worldwide. As of late June 2025, the group has claimed at least 16 victims across 11 countries, with the United States, Thailand, and Taiwan among the most affected nations. The group’s primary targets are in the manufacturing and technology sectors, but its reach is global and expanding.