Key Findings: Ransomware attacks blocked by the Zscaler cloud rose 146%, the sharpest spike observed in the past three years. Public extortion cases jumped by 70% based on data leak site analysis. Data exfiltration volumes increased 92%. Manufacturing, Technology, and Healthcare were the top targeted industries, and the Oil & Gas sector experienced a 935% increase…
Kaspersky GReAT (Global Research and Analysis Team) experts have discovered open-source packages that download the Quasar backdoor and a stealer designed to exfiltrate cryptocurrency. The malicious packages are intended for the Cursor development environment, which is based on Visual Studio Code — a tool used for AI-assisted coding. The malicious open-source packages are extensions hosted…
The vulnerability in question is tracked as CVE-2025-29824 and it was patched by Microsoft with its April 2025 Patch Tuesday updates. The flaw impacts the Windows Common Log File System (CLFS) and it can be exploited by an attacker to escalate privileges. On the day it released the patches, Microsoft revealed that CVE-2025-29824 had been exploited by…
Cybersecurity researchers have uncovered security shortcomings in SAP AI Core cloud-based platform for creating and deploying predictive artificial intelligence (AI) workflows that could be exploited to get hold of access tokens and customer data. The five vulnerabilities have been collectively dubbed SAPwned by cloud security firm Wiz. “The vulnerabilities we found could have allowed attackers to access customers’ data…
SpyCloud, the leader in Cybercrime Analytics, recently announced the launch of SpyCloud Labs, a targeted cybercrime research effort focused on uncovering and analyzing the digital underground to proactively disrupt cybercrime. With the launch of SpyCloud Labs, the larger security community will have a window into the insights SpyCloud analysts gather about the intricacies of the…
