Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Lookalike domains – meaning domains where threat actors host content designed to impersonate your business or brand – can be gravely harmful. “Look-alikes prey on users’ inattention to verifying legitimate websites, and sometimes rely on human mistakes, such as entering a typo in a URL, to capture victims,” as Dark Reading notes. The good news, however, is that lookalike domains can take some time to roll out fully.

Checkmarx is a popular SAST, DAST, and SCA provider that helps organizations detect and fix vulnerabilities and ensure application security. Its robust testing capabilities make it a go-to choice for many enterprises looking to integrate security into their DevSecOps pipeline. However, like all tools, Checkmarx has certain limitations. Some users find it expensive and complex to set up, while others report long scan times and occasional false positives, which slow down development workflows.

On March 12, 2025, the Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the Federal Bureau of Investigation (FBI) and the Multi-State Information Sharing and Analysis Center (MS-ISAC), issued a joint Cybersecurity Advisory (CSA) titled “#StopRansomware: Medusa Ransomware” (Alert Code: AA25-071A).

The Shadowserver group recently identified over 41,500 internet-exposed VMware ESXi hypervisors vulnerable to CVE-2025-22224, a critical Time-of-Check Time-of-Use (TOCTOU) code execution attack. The attackers who gain administrative access to a compromised VM can exploit this flaw to execute arbitrary code on the hypervisor, gaining full control over all hosted VMs and networked assets. Broadcom released emergency patches for ESXi and Workstation products to remediate the flaw.

The perfect conditions for both pre-planned and opportunistic scalper attacks are quite simple: limited availability and high demand. The trading card culture – think everything from Pokémon and Magic the Gathering to Panini or Topps football and baseball cards – fuels this fire, with first print editions and special editions held to a higher value than reprints.

Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! Firefox user? Might want to update ASAP.

Group-IB has published a report on SIM swapping attacks, finding that attackers continue to use social engineering to bypass technical security measures. SIM swapping is a technique in which an attacker takes over a victim’s phone number, which enables them to access the victim’s accounts. This involves tricking the telecom operator into reassigning the victim’s phone number to a SIM card controlled by the attacker.

Arctic Wolf has recently observed a campaign in which threat actors are compromising widely used websites across various industries and embedding a fake CAPTCHA challenge. When victims visit the site, they are presented with the CAPTCHA challenge or redirected to a site that provides instructions, triggering PowerShell code execution and ultimately leading to the loading of information stealer malware.

During routine monitoring of the cyber threat landscape in Southeast Asia, the Arctic Wolf Labs team came across a relatively recent Indonesian-based hacktivist collective calling themselves “INDOHAXSEC” that has been active within this region.

6G could be available by the end of the decade, which should decrease latency and connectivity speeds for users. However, these wireless networks present new cybersecurity challenges. What should industry professionals prepare for?