Attacks on Palo Alto PAN-OS GlobalProtect Login Portals Surge from 2,200 IPs

Attacks targeting Palo Alto Networks PAN-OS GlobalProtect login portals have escalated massively, with over 2,200 unique IP addresses conducting reconnaissance operations as of October 7, 2025. This represents a significant surge from the initial 1,300 IPs observed just days earlier, marking the highest scanning activity recorded in the past 90 days according to GreyNoise Intelligence monitoring. […]



CISA Sounds Alarm on Critical Sudo Flaw Actively Exploited in Linux and Unix Systems

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a critical security flaw impacting the Sudo command-line utility for Linux and Unix-like operating systems to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerability in question is CVE-2025-32463 (CVSS score: 9.3), which affects Sudo versions prior to 1.9.17p1. […]



European Airport Cyberattack Linked to Obscure Ransomware, Suspect Arrested

The recent cyberattack aimed at aerospace and defense company Collins Aerospace, which has caused significant disruptions at major airports in Europe, reportedly involved a piece of ransomware known as HardBit. The HardBit ransomware emerged in October 2022 and it came into the spotlight a few months later when it emerged that the cybercriminals were willing to negotiate […]



What happens when a cybersecurity company gets phished?

If you work in cybersecurity, you’ve probably heard the time-honored adage about cyber attacks: “It’s not a matter of if, but when.” Perhaps a better way to think of it is this: while training, experience, and familiarity with social engineering techniques help, anyone can fall for a well-constructed ruse. Everyone – including security researchers – has a vulnerability that […]



Microsoft disrupts global phishing campaign that led to widespread credential theft

Microsoft on Tuesday announced that it had dismantled the infrastructure behind a major phishing-as-a-service operation that had powered attacks on healthcare organizations around the world. The operation, which Microsoft dubbed “Raccoon0365,” sold subscription-based phishing kits that allowed unsophisticated cybercriminals to steal Microsoft 365 account usernames and passwords, the company said in a blog post. It estimated […]
