How CISOs can build a high-impact Tier 1 SOC in three practical steps
A high-impact Tier 1 team does not start with more dashboards or more alerts. It starts with better visibility, faster context, and cleaner workflows. Tier…
News
Here you can find the latest news and developments in the VPN world. Read about new breakthroughs, bypassing online censorship, and much more!
How to protect your SaaS from bot attacks with SafeLine WAF
Bot attacks on SaaS products rarely start with a dramatic outage. They usually show up as fake sign-ups, repeated login attempts, API scraping, and quiet…
Fake Google “security check” installs a PWA that can steal OTP codes and turn your browser into a proxy
A new phishing campaign is abusing a fake Google security page to trick users into installing a malicious Progressive Web App, or PWA. Malwarebytes says…
Alabama man pleads guilty in social media hacking and sextortion case involving hundreds of victims
A 22-year-old Alabama man has pleaded guilty after federal prosecutors said he hacked and extorted hundreds of teens and young adults by taking over their…
Florida Woman Sentenced to Prison for $5M Microsoft License Fraud Scheme
A Florida woman has been sentenced to 22 months in federal prison for running a large scheme that sold thousands of unauthorized Microsoft software activation…
UK Warns of Iranian Cyberattack Risks Amid Escalating Middle East Conflict
The United Kingdom has warned businesses and critical infrastructure operators about the growing risk of Iranian cyberattacks as tensions rise in the Middle East. The…
UH Cancer Center says cyberattack may have exposed data on nearly 1.24 million people
The University of Hawaiʻi says a 2025 ransomware attack against the UH Cancer Center’s Epidemiology Division may have exposed sensitive personal data tied to almost…
SloppyLemming targets Pakistan and Bangladesh with BurrowShell and a Rust-based RAT
A cyber-espionage group known as SloppyLemming has been linked to a year-long campaign targeting government and critical infrastructure organizations in Pakistan and Bangladesh. Recent reporting…
D-Shortiez malvertising campaign traps Safari users with back-button hijack tactics
A persistent malvertising operation known as D-Shortiez has been using forced redirects and browser-manipulation tricks to push users into scam pages, with iPhone and Safari…
LexisNexis breach claim raises fresh questions, but key details remain unverified
A threat actor calling itself FulcrumSec has claimed it stole 2.04 GB of data from LexisNexis Legal & Professional, allegedly after exploiting React2Shell, a critical…
Microsoft warns OAuth redirect abuse in Entra ID can power phishing and malware delivery
Microsoft says attackers are abusing a normal OAuth redirect behavior in Microsoft Entra ID to send victims from trusted login pages to attacker-controlled sites. The…
Zerobot now targets Tenda routers and n8n servers to spread Mirai-style malware
Zerobot is back, and this time it is going after both consumer networking gear and business automation servers. Akamai said on February 27 that its…
StegaBin uses malicious npm packages to steal developer credentials through a hidden multi-stage payload
A fresh software supply chain campaign is targeting developers through npm packages that appear harmless at first glance. Security reporting published around March 2 and…
Hackers are using Telegram to sell access to corporate VPN, RDP, and cloud accounts
Telegram has become a serious concern for enterprise defenders. Recent threat research shows that cybercriminals now use Telegram channels and bots to advertise stolen credentials,…
Iran cyber conflict widens after Epic Fury and Roaring Lion, but many attack claims still lack proof
The cyber side of the Iran conflict is clearly growing, but the picture is messy. After the United States and Israel launched their joint campaign…