The US Securities and Exchange Commission (SEC) has instigated a new rule requiring all registrants to disclose significant cyber incidents and describe their cyber risk management programmes within four days of detection. Ruling S7-09-22 aims to increase transparency for investors and encourage companies to invest in robust cyber security measures. However, the legislation’s wording is ambiguous, and there has been criticism regarding the lack of mandated boardroom cyber collaboration and expertise.
“PupkinStealer” A New .NET-Based Malware Steals Browser Credentials & Exfiltrate via Telegram
PupkinStealer is a C# malware that steals sensitive data, including browser credentials and desktop files, using Telegram for stealthy data exfiltration. Discovered in April 2025,
