SubSnipe is an open-source tool designed to identify vulnerable subdomains at risk of takeover. Created by Florian Walter, the tool offers improved accuracy and efficiency compared to other similar tools by conducting additional verification steps.

According to Sophos, ransomware attacks on critical national infrastructure (CNI) organizations have seen a significant increase in costs over the past year, with the median ransom payments reaching $2.54 million.

Security firm Sygnia revealed that GhostEmperor recently compromised a network, using it as a launchpad to access another victim’s systems. This marks the first public report on the group since it was identified by Kaspersky Lab in 2021.

A recent report reveals that private sector stakeholders in the marine transportation system are hesitating to utilize critical cybersecurity services offered by the U.S. Coast Guard.

Interpol’s global operation, Jackal III, targeted West African cybercrime groups, including Black Axe. It resulted in 300 arrests across 21 countries, seizure of $3 million, identification of 400 suspects, and the blocking of over 720 bank accounts.

The US Cybersecurity and Infrastructure Security Agency (CISA) issued a directive to federal agencies to fix a critical vulnerability in GeoServer, a popular open-source server, that is actively being exploited.

Scattered Spider, a notorious cybercrime group, has added ransomware strains RansomHub and Qilin to its arsenal, as revealed by Microsoft. They are known for sophisticated social engineering tactics to breach targets and steal data.

By exploiting this flaw, attackers could bypass critical authentication checks, manipulating JSON-encoded POST data to elevate their privileges and effectively log in as site administrators.

One-third of software development professionals lack awareness of secure practices, according to a report by the Linux Foundation and the Open Source Security Foundation.