AI is not going to take over lawyers’ jobs – yet – Legal Futures
The end is nigh. Robotic lawyers are coming for your jobs. Machines in snazzy suits will soon be swaggering into courtrooms, offering legal advice with the efficiency of a microwave…
April 2025
New ResolverRAT malware targets healthcare and pharma orgs worldwide – CSO Online
Security researchers have observed a new malware payload deployed in attacks against the healthcare and pharmaceutical sectors. Dubbed ResolverRAT, the remote access Trojan features in-memory execution and sophisticated anti-analysis and…
Accounting Firms Can’t Skimp on Cybersecurity – Dark Reading
Cybercriminals capitalize on tax preparation stress, technology sprawl, and lax communications. Accounting teams can’t afford to treat cybersecurity as an afterthought. – Read More
Max Severity Bug in Apache Roller Enabled Persistent Access – Dark Reading
The remediated flaw gave adversaries a way to maintain access to the app through password resets. – Read More
With AI’s Help, Bad Bots Are Taking Over the Web – Dark Reading
Bad bots are becoming increasingly difficult to detect as they more easily mimic human behaviors and utilize evasion techniques, researchers say. – Read More
AI-Powered Presentation Tool Leveraged in Phishing Attacks – Dark Reading
Researchers at Abnormal Security said threat actors are using a legitimate presentation and graphic design tool named “Gamma” in phishing attacks. – Read More
Hertz Falls Victim to Cleo Zero-Day Attacks – Dark Reading
Customer data such as birth dates, credit card numbers and driver’s license information were stolen when threat actors exploited zero-day vulnerabilities in Cleo-managed file transfer products. – Read More
Wave of Wine-Inspired Phishing Attacks Targets EU Diplomats – Dark Reading
Russia-backed APT29’s latest campaign once again uses malicious invites to wine-tasting events as its lure, but this time targets a different set of vintages — errr, victims — and delivers…
Chinese Hackers Target Linux Systems Using SNOWLIGHT Malware and VShell Tool – The Hacker News
The China-linked threat actor known as UNC5174 has been attributed to a new campaign that leverages a variant of a known malware dubbed SNOWLIGHT and a new open-source tool called…
“Is existing continued professional development process still fit for purpose”? – Law Gazette – Features
Professional Development. (Sponsored content.) – Read More
Are We Prioritizing the Wrong Security Metrics? – Dark Reading
True security isn’t about meeting deadlines — it’s about mitigating risk in a way that aligns with business objectives while protecting against real-world threats. – Read More
China-Backed Threat Actor ‘UNC5174’ Using Open Source Tools in Stealthy Attacks – Dark Reading
Sysdig researchers detailed an ongoing campaign from China-backed threat actor UNC5174, which is using open source hacking tools to stay under the radar. – Read More
A Proven 3-Step Approach to Review, Redline, and Negotiate Construction Contracts Successfully – Contract Nerds
Key Takeaways: Reading the contract all the way through at least once before you begin to redline will give you a roadmap to follow as you begin your review. Having…
Critical Apache Roller Vulnerability (CVSS 10.0) Enables Unauthorized Session Persistence – The Hacker News
A critical security vulnerability has been disclosed in the Apache Roller open-source, Java-based blogging server software that could allow malicious actors to retain unauthorized access even after a password change.…
Malicious PyPI Package Targets MEXC Trading API to Steal Credentials and Redirect Orders – The Hacker News
Cybersecurity researchers have disclosed a malicious package uploaded to the Python Package Index (PyPI) repository that’s designed to reroute trading orders placed on the MEXC cryptocurrency exchange to a malicious…