Security Boulevard

APT37 Adds New Capabilities for Air-Gapped Networks

IntroductionIn December 2025, Zscaler ThreatLabz discovered a campaign linked to APT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima), which is a DPRK-backed threat group. In this campaign ...
Security Boulevard

Blue Teaming Construction Insights from 2025 Threat Landscape Observations

In 2025, AI has evolved from being a tool that merely enhances the efficiency of attacks to becoming an integral component embedded within the execution phase of cyber operations. In the future, AI ...
The Hacker News

ScarCruft Uses Zoho WorkDrive and USB Malware to Breach Air-Gapped Networks

North Korea-linked ScarCruft’s Ruby Jumper uses Zoho WorkDrive C2 and USB malware to breach air-gapped systems for ...

Microsoft Thwarts AI Prompt Injection Attacks Aimed To Manipulate AI Engines

Microsoft has implemented and continues to deploy mitigations against prompt injection attacks in Copilot, the company announced last week. Spammers were using the "Summarize with AI" type of buttons ...
The Hacker News

RoguePilot Flaw in GitHub Codespaces Enabled Copilot to Leak GITHUB_TOKEN

RoguePilot flaw let GitHub Copilot leak GITHUB_TOKEN, while new studies expose LLM side channels, ShadowLogic backdoors, and promptware risks.
Investopedia

Positive Economics History, Theory, Pros and Cons, and Example

Christina Majaski writes and edits finance, credit cards, and travel content. She has 14+ years of experience with print and digital publications. Robert Kelly is managing director of XTS Energy LLC, ...
Investopedia

Investment Policy Statements: Key Components & Importance

Barbara Friedberg is a veteran investment portfolio manager, fintech consultant, and expert investor. She is a published author of several books. Suzanne is a content marketer, writer, and ...