Cool Things In My Cloud

An ongoing smishing campaign is targeting New Yorkers with text messages posing as the Department of Taxation and Finance, claiming to offer «Inflation Refunds» in an attempt to steal victims’ personal and financial data. […]

Spanish Guardia Civil have dismantled the «GXC Team» cybercrime syndicate and arrested its alleged leader, a 25-year-old Brazilian known as «GoogleXcoder.» […]

Cybersecurity company Huntress on Friday warned of «widespread compromise» of SonicWall SSL VPN devices to access multiple customer environments. «Threat actors are authenticating into multiple accounts rapidly across compromised devices,» it said. «The speed and scale of these attacks imply that the attackers appear to control valid credentials rather than brute-forcing.» A significant chunk of

Threat actors are abusing Velociraptor, an open-source digital forensics and incident response (DFIR) tool, in connection with ransomware attacks likely orchestrated by Storm-2603 (aka CL-CRI-1040 or Gold Salem), which is known for deploying the Warlock and LockBit ransomware. The threat actor’s use of the security utility was documented by Sophos last month. It’s assessed that the attackers

Video. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Blog moderation policy.

Microsoft has reminded customers again today that systems running Home and Pro editions of Windows 11 23H2 will stop receiving security updates next month. […]

Threat actors are exploiting a zero-day vulnerability (CVE-2025-11371) in Gladinet CentreStack and Triofox products, which allows a local attacker to access system files without authentication. […]

In today’s hyper-connected world, cyber threats are more sophisticated and frequent than ever – ransomware, data breaches, and social engineering scams, targeting everyone from individuals to Fortune 500 companies. Right now, you can grab «Cybersecurity For Dummies, 3rd Edition» – a $29.99 value – completely FREE for a limited time. […]

Google is updating the Chrome web browser to automatically revoke notification permissions for websites that haven’t been visited recently, to reduce alert overload. […]

Apple is announcing a major expansion and redesign of its bug bounty program, doubling maximum payouts, adding new research categories, and introducing a more transparent reward structure. […]