Memento Labs Spyware Used in Chrome Zero-Day Campaign

• Post author:Pocholo Legaspi
• Post published:October 29, 2025
• Post category:Blogs

Operation ForumTroll used a Chrome zero-day to install spyware traced to Memento Labs. The phishing campaign hit research and media groups.

Continue ReadingMemento Labs Spyware Used in Chrome Zero-Day Campaign

Medical Specialist Group Fined £100,000 After Cyber Attack Exposed Patient Data

• Post author:Pocholo Legaspi
• Post published:October 24, 2025
• Post category:Blogs

A £100,000 fine hits the Medical Specialist Group after hackers stole patient data, highlighting major security lapses and the cost of poor cyber hygiene.

Continue ReadingMedical Specialist Group Fined £100,000 After Cyber Attack Exposed Patient Data

Hacker Group TA585 Deploys MonsterV2 Malware with Advanced Web Injection Capabilities

• Post author:Pocholo Legaspi
• Post published:October 17, 2025
• Post category:Blogs

TA585 launches MonsterV2 malware, capable of live transaction tampering via browser injection. Just-in-time privilege controls help limit damage.

Continue ReadingHacker Group TA585 Deploys MonsterV2 Malware with Advanced Web Injection Capabilities

JLR’s Production Crisis Exposes Manufacturing’s Cyber Weakness

• Post author:Pocholo Legaspi
• Post published:September 19, 2025
• Post category:Blogs

JLR's global factories remain offline after a major cyberattack. Weeks of halted production expose serious risks in connected manufacturing systems.

Continue ReadingJLR’s Production Crisis Exposes Manufacturing’s Cyber Weakness

Salesloft Drift AI Agent Vulnerability Leads to Widespread Data Theft

• Post author:Pocholo Legaspi
• Post published:September 5, 2025
• Post category:Blogs

Threat actors used stolen OAuth tokens to breach Salesforce data at scale, exposing major flaws in AI agent integrations and enterprise security.

Continue ReadingSalesloft Drift AI Agent Vulnerability Leads to Widespread Data Theft

Electronics Manufacturer Data I/O Hit by Ransomware Attack

• Post author:Pocholo Legaspi
• Post published:August 29, 2025
• Post category:Blogs

A ransomware attack knocked out key systems at Data I/O, a chip services firm for Apple and Google. The fallout exposes serious supply chain vulnerabilities.

Continue ReadingElectronics Manufacturer Data I/O Hit by Ransomware Attack

Dior Joins Growing List of Retailers Targeted by Cybercriminals 

• Post author:Pocholo Legaspi
• Post published:May 23, 2025
• Post category:Blogs

Dior joins a wave of retail brands hit by cyberattacks. While financial data was safe, exposed shopping histories raise major phishing risks.

Continue ReadingDior Joins Growing List of Retailers Targeted by Cybercriminals 

What is an Advanced Persistent Threat (APT)? 

• Post author:Pocholo Legaspi
• Post published:May 20, 2025
• Post category:Blogs

Learn how an advanced persistent threat (APT) works, why it's so dangerous to organizations, and what steps can help detect and respond before damage is done.

Continue ReadingWhat is an Advanced Persistent Threat (APT)? 

Lessons from the PAN-OS Authentication Bypass Vulnerability 

• Post author:Pocholo Legaspi
• Post published:May 13, 2025
• Post category:Blogs

PAN-OS vulnerability CVE-2025-0108 showed how fast hackers strike. Learn key lessons in patching, privilege control, and layered cybersecurity defenses.

Continue ReadingLessons from the PAN-OS Authentication Bypass Vulnerability 

Revisiting the Finastra Data Breach: What Went Wrong?

• Post author:Pocholo Legaspi
• Post published:May 5, 2025
• Post category:Blogs

Back in February, Finastra announced a data breach that exposed customer info. Learn how it happened and what you can do to better protect your own data.

Continue ReadingRevisiting the Finastra Data Breach: What Went Wrong?