Netskope Threat Labs is tracking a widespread phishing campaign affecting hundreds of Netskope customers and thousands of users. The campaign aims to steal credit card information to commit financial fraud, and has been ongoing since the second half of 2024. The attacker targets victims searching for documents on search engines, resulting in access to malicious PDF that contains a CAPTCHA image embedded with a phishing link, leading them to provide sensitive information.

As of January 17, 2025, all financial entities and their information and communication technology (ICT) service providers catering to EU entities must comply with the Digital Operational Resilience Act (DORA). ‍ If you’re new to the regulation, you can reduce the potential overwhelm caused by its various requirements by using a concise compliance checklist. To help, we’ve created a robust guide that covers everything you should know, including: ‍

Today, I will be going over Control 2 from version 8.1 of the top 18 CIS Controls – Inventory and Control of Software Assets. I will go over the seven safeguards and offer my thoughts on what I’ve found.

DeepSeek, founded by Liang Wenfeng, is an AI development firm located in Hangzhou, China. The company focuses on developing open source Large Language Models (LLMs) and specializes in data analytics and machine learning. DeepSeek gained global recognition in January 2025 with the release of its R1 reasoning model rivalling OpenAI's o1 model in performance but at a substantially lower cost.

A PowerShell function is a block of code designed to perform a specific task. Once a function is created and tested, it can be used in multiple scripts, reducing coding effort and risk of errors. Using well-named functions also makes scripts easier to read and maintain. And since functions can return values that can be used as input to other functions or code blocks, they facilitate building complex operations.

SQL Injection (SQL) also known as SQLI is a severe security vulnerability that allows attackers to interfere with the queries and applications made to its database. By inserting malicious SQL code into input fields, attackers can manipulate the database, leading to unauthorized data access, data corruption, or even complete system compromise. This attack technique is made possible because of improper coding of web applications.

In today’s digital landscape, cyber threats are evolving at an unprecedented pace, growing more sophisticated and harder to detect. With each passing day, businesses and individuals alike find themselves navigating an increasingly complex threat environment. This complexity isn’t just about the number of attacks, it’s about their evolving tactics, the widening attack surface, and the sheer difficulty of distinguishing real threats from background noise.

Community Health Center (CHC) is a non-profit founded in 1972 and headquartered in Middletown, Connecticut. It offers a broad range of services, including dentistry, primary care, urgent care, specialty medical services, and behavioral health. CHC provides healthcare services to residents in various parts of the state, including Bristol, Hartford, Waterbury, Middletown, Stamford, and New Britain.

Welcome back to our series on the evolution of scalper bots. So far, we have traced scalping from its early ticket resale roots to the rise of automated bots. We have explored the ongoing battle between bot developers and anti-bot defenses and examined how scalping evolved into a professionalized, multi-million-dollar industry. In our last post, we uncovered a hidden sub-market where traders aggressively bought, sold, and exchanged bot licenses just like the products they acquired.