China-Nexus Actors Weaponize ‘Nezha’ Open Source Tool – Dark Reading
A threat actor is putting a spin on classic remote monitoring and management (RMM) attacks, using a Chinese open source tool instead. – Read More
2025
Chinese Hackers Weaponize Open-Source Nezha Tool in New Attack Wave – The Hacker News
Threat actors with suspected ties to China have turned a legitimate open-source monitoring tool called Nezha into an attack weapon, using it to deliver a known malware called Gh0st RAT…
Calling All Influencers: Spear-Phishers Dangle Tesla, Red Bull Jobs – Dark Reading
Wanna work for a hot brand? Cyberattackers continue to evolve lures for job seekers in an impersonation campaign aimed at stealing resumes from social media pros. – Read More
Open-source monitor turns into an off-the-shelf attack beacon – CSO Online
China-affiliated hackers have quietly turned a once-benign open-source network monitoring tool into a remote access beacon. According to new findings from cybersecurity firm Huntress, the attackers used log poisoning and…
LockBit, Qilin, and DragonForce Join Forces to Dominate the Ransomware Ecosystem – The Hacker News
Three prominent ransomware groups DragonForce, LockBit, and Qilin have announced a new strategic ransomware alliance, once underscoring continued shifts in the cyber threat landscape. The coalition is seen as an…
Salesforce AI agents set to assist enterprises with security and compliance – CSO Online
Salesforce has announced two new AI agents operating on its Agentforce platform: one agent that monitors activity, detects anomalies, and accelerates investigations and remediations in the Salesforce Security Center; and…
Step Into the Password Graveyard… If You Dare (and Join the Live Session) – The Hacker News
Every year, weak passwords lead to millions in losses — and many of those breaches could have been stopped. Attackers don’t need advanced tools; they just need one careless login.…
Severe Figma MCP Vulnerability Lets Hackers Execute Code Remotely — Patch Now – The Hacker News
Cybersecurity researchers have disclosed details of a now-patched vulnerability in the popular figma-developer-mcp Model Context Protocol (MCP) server that could allow attackers to achieve code execution. The vulnerability, tracked as…
Tech over cuts: How UK law firms are investing in efficiency, not redundancy – Legal Futures
Rising operational costs, growing client expectations for value and transparency, and economic uncertainty have left many firms questioning how best to adapt. The post Tech over cuts: How UK law…
Kevin Smith’s story: Customising Hoowla Case Management Software for vehicle damage claims – Legal Futures
As a freelance solicitor specialising in vehicle damage claims, Kevin Smith knew that efficiency was going to either make or break his practice. The post Kevin Smith’s story: Customising Hoowla…
Ban for ex-Walker Morris PA who kept colleague’s wedding gift money – Legal Cheek
£250 A former personal assistant at Walker Morris has been barred from the legal profession after keeping staff donations intended to fund a colleague’s honeymoon. The Solicitors Regulation Authority (SRA)…
Barrister reprimanded over sweary comments towards probation staff – Legal Cheek
Effing and blinding A barrister has been reprimanded by a bar disciplinary tribunal after making inappropriate comments to probation staff in a case where he had been instructed by the…
OpenAI Disrupts Russian, North Korean, and Chinese Hackers Misusing ChatGPT for Cyberattacks – The Hacker News
OpenAI on Tuesday said it disrupted three activity clusters for misusing its ChatGPT artificial intelligence (AI) tool to facilitate malware development. This includes a Russian‑language threat actor, who is said…
Autonomous AI hacking and the future of cybersecurity – CSO Online
AI agents are now hacking computers. They’re getting better at all phases of cyberattacks, faster than most of us expected. They can chain together different aspects of a cyber operation,…
Strengthening national cyber resilience through observability and threat hunting – NCSC Blog
How organisations can improve their ability to both detect and discover cyber threats. – Read More