Multimillion Trust Wallet Browser Extension Hack (v2.68): A CISO-Level Analysis
A malicious update to Trust Wallet’s Chrome extension enabled attackers to steal seed phrases and drain ~$7M in crypto without…
Android Malware Has Grown Up: And It’s Coming for Identity, Not Just Phones
Android malware has evolved into professional, modular platforms combining droppers, SMS interception, and remote control. Mobile devices are now a…
LastPass Data Breach: Lessons for CISOs After 1.6 Million Users Exposed and a £1.2M ICO Fine
The LastPass data breach and subsequent £1.2 million ICO fine highlight a critical reality for CISOs: modern security failures are…
Fortinet Discloses Critical FortiCloud SSO Authentication Bypass Vulnerabilities: What CISOs Must Do Immediately
Critical Fortinet flaws (CVE-2025-59718/59719) allow attackers to bypass FortiCloud SSO using malicious SAML messages. Although not enabled by default, many…
Sryxen Stealer: The New Class of Malware That Turns Chrome Against Itself
Sryxen is a new stealer that bypasses Chrome’s App-Bound Encryption by abusing headless Chrome and the DevTools Protocol, forcing the…
When Trust Becomes the Weakest Link: Potential Supply-Chain Malware via Yealink Downloads
A suspicious ZIP from Yealink’s official CDN contained a trojanized executable, suggesting a possible supply-chain compromise. This case highlights why…
Allurity expands its European cybersecurity presence by acquiring MSF Partners – experts in protecting critical assets and infrastructure
Allurity strengthens its European cybersecurity footprint by acquiring MSF Partners, a Swiss OT security specialist protecting critical infrastructure. The move…
LANDFALL: Inside the Most Advanced Android Spyware Campaign Ever Seen Targeting Samsung Devices
LANDFALL is a sophisticated Android spyware exploiting a Samsung zero-day via DNG zero-click attacks delivered through WhatsApp images. This commercial-grade…
Cloudflare Global Network Outage — What CISOs Need to Know (18 November 2025)
Cloudflare suffered a global service outage impacting the dashboard, Access, WARP, and application services. Recovery is underway. The incident highlights…
PROMPTFLUX: The First AI-Evolving Malware — and What It Really Means for Cybersecurity
AI-driven malware is no longer theoretical. PROMPTFLUX, an experimental VBScript malware leveraging Gemini for real-time code regeneration, shows how threat…