SC Media

ENISA NIS360 2026 report shows uneven cybersecurity improvements across EU critical sectors

The report assesses the cybersecurity landscape against the NIS2 directive, highlighting a growing gap between the evolving threat landscape and the pace of ...

SC Media →

Russian hackers exploit WinRAR vulnerability for data theft

The exploitation chain begins with a weaponized HTML Application payload called GammaPhish, which retrieves intermediate Visual Basic Script (VBScript) downl...

SC Media →

Most organizations that miss 24-hour patch window report breaches

Study points out that AI has shattered the model of patching on a two- to four-week schedule.

SC Media →

Google releases June Android security patches addressing 124 vulnerabilities, including 1 zero-day

The actively exploited vulnerability, identified as CVE-2025-48595, is a high-severity flaw in the Android Framework that allows local attackers to gain code...

SC Media →

SideCopy group targets Afghanistan's Ministry of Finance with Xeno RAT

The campaign commences with a spear-phishing email containing a ZIP archive with a malicious LNK file written in Pashto, designed to exploit the familiarity ...

SC Media →

CISA orders agencies to patch critical Oracle WebLogic Server vulnerability

The vulnerability, CVE-2024-21182, affects Oracle WebLogic Server versions 12.2.

SC Media →

Sectigo launches AI-powered server for certificate lifecycle management

The MCP Server for Sectigo Certificate Manager acts as a secure intermediary between AI agents, such as Microsoft Copilot and Claude, and Sectigo's certifica...

SC Media →

DriveSurge actor uses ClickFix and FakeUpdates to distribute malware via compromised websites

The DriveSurge threat actor operates as an initial access broker, utilizing a pay-per-install model to facilitate subsequent attacks, according to research b...

SC Media →

JupiterOne launches continuous controls monitoring for security and compliance

JupiterOne Inc. has launched JupiterOne Continuous Controls Monitoring (CCM), a new product designed to test the effectiveness of security and compliance con...

SC Media →

Heraclitus, AI LLMs, SSO, TTP, NetLogon, PAN-OS, AI Cost, Aaran Leyland... - SWN #586

SC Media →

Why supply chain attacks work and what detection can actually do about it

Here’s what to do in a world where credential theft has been automated and turned into a commodity.

SC Media →

Why One-Size-Fits-All Security Fails (And How to Reduce Your Attack Surface) - WC #1

SC Media →

Spanish police arrest individual in connection with data leak from state organizations

The arrested individual is accused of disseminating data from entities such as the State Attorney General's Office, INCIBE, the National Police, the Civil Gu...

SC Media →

Microsoft denies legal action against researchers after slamming BlueHammer publisher

The company was criticized after a blog posted that suggested law enforcement involvement.

SC Media →

BadHost, Dead CTFs, Exploding NPMs, and the Verizon DBIR - ASW #385

SC Media →

Malware hides in Steam comments to infect WordPress sites

The malware campaign, discovered in July 2025, has affected approximately 1,980 WordPress sites.

SC Media →

AI-powered threats target 2026 election communications

The report highlights a significant trend where threat actors are leveraging artificial intelligence (AI) to amplify the scale and effectiveness of their att...

SC Media →

Fingerprint launches AI assistant detection tools

The new AI Assistant Detection product provides real-time visibility into traffic from major AI assistants like ChatGPT, Gemini and Claude.

SC Media →

Ransomware leak posts show weekday peak, October spikes

The data analyzed by the Ransomnews Research Team indicates that ransomware operations largely follow a business week, with significantly fewer posts on Sund...

SC Media →

Pretalx vulnerability allows account takeover and admin demotion

The vulnerability, with a CVSS score of 8.7, can be exploited with low privileges and complexity.

SC Media →