Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! The awe I have for those able to dig this deep increases further. Also does the concern at what nefarious uses it can be put to.

In a recent discovery, our research team uncovered a fake VS-code extension—truffelvscode—typosquatting the popular truffle for VS-code extension. This extension serves as a trojan horse for multi-stage malware. This blog takes a closer look at how the malicious extension operates, its obfuscation techniques, and IOCs related to this incident.

As digital transformation expands the threat landscape, compliance mandates adapt to meet new challenges. In 2020, the European Commission announced its decision to accelerate its revision of the Directive on Security of Network and Information Systems (NIS2). When carrying out its impact assessment, the Commission realized that it needed to update the NIS Directive in response to new risks.

WatchGuard Technologies, a leading provider of unified cybersecurity solutions, today revealed its participation in the Amazon Web Services (AWS) Independent Software Vendor (ISV) Accelerate Program. This co-sell initiative connects AWS Partners offering software solutions that operate on or integrate with AWS, helping them drive new business by directly linking ISVs with the AWS Sales team.

Are your employees accessing restricted websites during work hours? Unrestricted web access on company devices can lead to decreased productivity and increased security risks. For businesses, controlling online activity on work-issued Android phones and tablets is essential to maintaining a secure and focused work environment.

The question of ownership is one of the biggest reasons vulnerabilities persist in organizations far longer than they should. Who owns vulnerabilities? This isn’t just a theoretical debate—it’s a critical operational issue. Modern scanning solutions excel at identifying and prioritizing vulnerabilities, but without clear ownership, those vulnerabilities often linger unaddressed or improperly documented, increasing an organization’s risk exposure.

Today's transforming cyber threat landscape is an age of major malice regarding malware. Lumma Stealer remains one of the most fascinating malicious pieces out here. The aim of this blog is to tell you about all recent activities regarding this malware within the year 2025. Thereby, focusing on some practical real-based scenarios, where incidents have unfolded using this malware as a sample analysis, with line-by-line analysis of malware along with dissected code infection patterns.

Creating an enterprise security-first culture is one of the most impactful things a CISO can do to protect their organization. Sure, high-tech solutions and fancy tools are important, but they are largely ineffective when staff are unable or unwilling to play their part in preventing, identifying, and reporting security incidents. However, in the quest to develop a positive cybersecurity culture, many Chief Information Security Officers (CISOs) inadvertently create a toxic environment.

The rise of agentic AI tools will transform the cybercrime landscape, according to a new report from Malwarebytes. Agentic AI—which is still under development—is a step above the generative AI tools that are currently available to the public, and will likely be widely released in 2025. While these tools will have many legitimate uses, they’ll also enable cybercriminals to scale their attacks.

Today’s businesses rely on third-party vendors, contractors, and partners to operate efficiently more than ever. But every external connection introduces a risk—especially when it comes with overly permissive access. If not properly managed, this can become a significant vulnerability. Attackers know this, and they actively exploit these weak points.