A security tip highlighting common cybersecurity risks associated with summer travel, including phishing scams, fake booking sites, and unsafe public Wi-Fi use, with practical guidance for protecting personal data before, during, and after a trip. Originally written in June 2025.
A breakdown of the June 2025 campaign in which the Flodrix botnet exploited Langflow’s critical RCE vulnerability (CVE-2025-3248), compromising unpatched AI development environments and enrolling them into a rapidly evolving botnet. Originally written in June 2025.
An overview of a targeted BlueNoroff (Lazarus Group–linked) attack that used AI-generated deepfake Zoom meetings to socially engineer a victim into installing macOS malware, highlighting the growing risk of AI-driven impersonation in remote work environments. Originally written in June 2025.
An overview of FIN6’s June 2025 phishing campaign targeting HR and recruitment teams using fake applicant profiles, cloud-hosted landing pages, and malicious “resume” downloads that install the More_eggs backdoor. Originally written in June 2025.
An overview of an active cryptojacking campaign attributed to JINX-0132 that exploits misconfigured DevOps tools such as Docker, Nomad, Consul, and Gitea to hijack compute resources for cryptocurrency mining. Originally written in June 2025.