Discord flaw lets hackers reuse expired invites in malware campaign
Hackers are hijacking expired or deleted Discord invite links to redirect users to malicious sites that deliver remote access trojans and information-stealing malware.
Two months of Burp AI: empowering security testers with the future of AppSec
It’s been a whirlwind two months since AI-powered features landed in Burp Suite Professional. Thousands of security testers across the world have been using Burp AI to find vulnerabilities and secure
CISA warns of SimpleHelp ransomware compromises after string of retail attacks
Ransomware gangs leveraged a vulnerability to access unpatched versions of SimpleHelp's remote monitoring and management tool to disrupt services in double extortion compromises.
CCM: Avoid Vendor Lock-In with Portability Controls | CSA
Implement the 11th domain of CCM: Interoperability & Portability. Avoid vendor lock-in and ensure seamless data exchange across multiple platforms and CSPs.
Victoria’s Secret restores critical systems after cyberattack
Victoria's Secret has restored all critical systems impacted by a May 24 security incident that forced it to shut down corporate systems and the e-commerce website.
Dive into the details of a real-world rootkit & learn how Kernel Integrity Measurement technology detects novel rootkits that exploit zero-day vulnerabilities.
Paragon Spyware used to Spy on European Journalists - Schneier on Security
Paragon is an Israeli spyware company, increasingly in the news (now that NSO Group seems to be waning). “Graphite” is the name of their product. Citizen Lab caught them spying on multiple European journalists with a zero-click iOS exploit: On April 29, 2025, a select group of iOS users were notified by Apple that they were targeted with advanced spyware. Among the group were two journalists that consented for the technical analysis of their cases. The key findings from our forensic analysis of their devices are summarized below: Our analysis finds forensic evidence confirming with high confidence that both a prominent European journalist (who requests anonymity), and Italian journalist Ciro Pellegrino, were targeted with Paragon’s Graphite mercenary spyware. ...
Apple Zero-Click Flaw in Messages Exploited to Spy on Journalists Using Paragon Spyware
Apple patched zero-day flaws exploited to deploy Paragon’s Graphite spyware targeting journalists and civil society, raising global spyware concerns.