Introducing Wallarm Middle East Cloud: Built for Data Residency Compliance

As API and AI adoption grows across the Middle East, so do the expectations around how data is handled. For many organizations operating in this region, it’s not just about securing applications. It’s about doing it in a way that keeps data in-country and aligned with local requirements. Today,...

A DarkSword hangs over unpatched iPhones

Researchers at Google have identified an iOS exploit chain, named DarkSword, that has been used since late last year by multiple actors to infect iPhones with malware in targeted attacks. DarkSword combines six vulnerabilities in iOS and Safari to deploy malware on the device. It demonstrates, on...

Kimwolf Android Botnet Infects Over 2 Million Devices via Exposed ADB and Proxy Networks

The botnet known as Kimwolf has infected more than 2 million Android devices by tunneling through residential proxy networks, according to findings from Synthient. "Key actors involved in the Kimwolf botnet are observed monetizing the botnet through app installs, selling residential proxy...

From Tabletop to Turnkey: Building Cyber Resilience in Financial Services

Introduction Financial institutions are facing a new reality: cyber-resilience has passed from being a best practice to an operational necessity to a prescriptive regulatory requirement. Crisis management or Tabletop exercises, for a long time relatively rare in the context of cybersecurity, have...

MAL-2025-42079 Malicious code in saudi-riyal-font (npm)

The package communicates with a domain associated with malicious activity...

Malicious code in saudi-riyal-font (npm)

The package communicates with a domain associated with malicious activity...

Malicious code in @faisal.m.zayed/saudi-riyal-font (npm)

The package communicates with a domain associated with malicious activity...

MAL-2025-41913 Malicious code in @faisal.m.zayed/saudi-riyal-font (npm)

The package communicates with a domain associated with malicious activity...

Evolution of the PipeMagic backdoor: from the RansomExx incident to CVE-2025-29824

In April 2025, Microsoft patched 121 vulnerabilities in its products. According to the company, only one of them was being used in real-world attacks at the time the patch was released: CVE-2025-29824. The exploit for this vulnerability was executed by the PipeMagic malware, which we first...

Zone Bitaqati 安全漏洞

Zone Bitaqati is an application from Zone Saudi Arabia. A security vulnerability exists in Zone Bitaqati version 3.4.0 and earlier, which stems from vulnerability to cross-site scripting attacks...

Pro-Iranian Hacktivist Group Leaks Personal Records from the 2024 Saudi Games

Thousands of personal records allegedly linked to athletes and visitors of the Saudi Games have been published online by a pro-Iranian hacktivist group called Cyber Fattah. Cybersecurity company Resecurity said the breach was announced on Telegram on June 22, 2025, in the form of SQL database...

INE Security Partners with Abadnet Institute for Cybersecurity Training Programs in Saudi Arabia

Cary, North Carolina, 22nd May 2025, CyberNewsWire...

Chinese Hackers Deploy MarsSnake Backdoor in Multi-Year Attack on Saudi Organization

Threat hunters have exposed the tactics of a China-aligned threat actor called UnsolicitedBooker that targeted an unnamed international organization in Saudi Arabia with a previously undocumented backdoor dubbed MarsSnake. ESET, which first discovered the hacking group's intrusions targeting the...

Bridging the Gap: How Qualys Simplifies NCA ECC 2024 Compliance for Businesses

As the digital environment advances, new and more sophisticated cyber threats emerge, necessitating stronger and more adaptive cybersecurity measures. Recognizing this need, the National Cybersecurity Authority NCA of Saudi Arabia has introduced the Essential Cybersecurity Controls ECC 2024...

Chinese Hackers Deploy SpiceRAT and SugarGh0st in Global Espionage Campaign

A previously undocumented Chinese-speaking threat actor codenamed SneakyChef has been linked to an espionage campaign primarily targeting government entities across Asia and EMEA Europe, Middle East, and Africa with SugarGh0st malware since at least August 2023. "SneakyChef uses lures that are...

Hajj Pilgrimage Hit by Extensive Phishing and Data Theft Scams

By Waqas Planning to perform Hajj this year? Ensure your journey to Saudi Arabia is secure and avoid online scams that could jeopardize your life savings and personal data. This is a post from HackRead.com Read the original post: Hajj Pilgrimage Hit by Extensive Phishing and Data Theft Scams...

PT-2024-25498 · Globitel · Globitel Ksa Speechlog

Name of the Vulnerable Software and Affected Versions: Globitel KSA SpeechLog version 8.1 Description: The issue is related to an Insecure Direct Object Reference IDOR that can be accessed via the userID parameter. Recommendations: For Globitel KSA SpeechLog version 8.1, consider restricting acce...

The Zardoor Backdoor’s Silent Takeover of Saudi Charities

Summary: An espionage operation, designed to distribute a backdoor called Zardoor, was uncovered with evidence suggesting it dates back to March 2021. In May 2023, this meticulously orchestrated campaign specifically targeted non-profit organizations in Saudi Arabia. Threat Level - Amber | Attack...

APT34 Deploys Phishing Attack With New Malware

We observed and tracked the advanced persistent threat APT APT34 group with a new malware variant accompanying a phishing attack comparatively similar to the SideTwist backdoor malware. Following the campaign, the group abused a fake license registration form of an African government agency to...

CMS SAUDI SOFTECH 5.0.2 SQL Injection

========================================================================================= | Title : CMS SAUDI SOFTECH v5.0.2 Sql injection Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.264-bit | | Vendor :...