A new zero-day security flaw has been discovered in Apache OfBiz, an open-source Enterprise...
Over the past few years, SaaS has developed into the backbone of corporate IT....
The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced sanctions against six...
The cyber attacks targeting the energy sector in Denmark last year may not have...
A security vulnerability has been disclosed in the LiteSpeed Cache plugin for WordPress that...
In January 2024, Microsoft discovered they’d been the victim of a hack orchestrated by Russian-state hackers Midnight Blizzard (sometimes known as Nobelium)....
Cybersecurity researchers have shared details of a now-patched security vulnerability in Amazon Web Services (AWS) Managed Workflows for Apache Airflow (MWAA) that...
A China-linked threat cluster leveraged security flaws in Connectwise ScreenConnect and F5 BIG-IP software to deliver custom malware capable of delivering additional...
A massive malware campaign dubbed Sign1 has compromised over 39,000 WordPress sites in the last six months, using malicious JavaScript injections to...
The data wiping malware called AcidPour may have been deployed in attacks targeting four telecom providers in Ukraine, new findings from SentinelOne...
Cybersecurity researchers have shed light on a tool referred to as AndroxGh0st that’s used to target Laravel applications and steal sensitive data....
When you read reports about cyber-attacks affecting operational technology (OT), it’s easy to get caught up in the hype and assume every...
Ivanti has disclosed details of a critical remote code execution flaw impacting Standalone Sentry, urging customers to apply the fixes immediately to...
Atlassian has released patches for more than two dozen security flaws, including a critical bug impacting Bamboo Data Center and Server that...
Multiple threat actors are exploiting the recently disclosed security flaws in JetBrains TeamCity software to deploy ransomware, cryptocurrency miners, Cobalt Strike beacons,...
The Cyber Police of Ukraine has arrested three individuals on suspicion of hijacking more than 100 million emails and Instagram accounts from...
Application programming interfaces (APIs) are the connective tissue behind digital modernization, helping applications and databases exchange data more effectively. The State of...
Large language models (LLMs) powering artificial intelligence (AI) tools today could be exploited to develop self-augmenting malware capable of bypassing YARA rules....
In an era where digital transformation drives business across sectors, cybersecurity has transcended its traditional operational role to become a cornerstone of...
A new variant of a data wiping malware called AcidRain has been detected in the wild that’s specifically designed for targeting Linux...
A new phishing campaign is targeting U.S. organizations with the intent to deploy a remote access trojan called NetSupport RAT. Israeli cybersecurity...
A new elaborate attack campaign has been observed employing PowerShell and VBScript malware to infect Windows systems and harvest sensitive information. Cybersecurity...
Fortra has released details of a now-patched critical security flaw impacting its FileCatalyst file transfer solution that could allow unauthenticated attackers to...
Cybersecurity researchers have discovered a new malware campaign that leverages bogus Google Sites pages and HTML smuggling to distribute a commercial malware...
WordPress users of miniOrange’s Malware Scanner and Web Application Firewall plugins are being urged to delete them from their websites following the...
Key Lesson from Microsoft’s Password Spray Hack: Secure Every Account
AWS Patches Critical ‘FlowFixation’ Bug in Airflow Service to Prevent Session Hijacking
China-Linked Group Breaches Networks via Connectwise, F5 Software Flaws
Massive Sign1 Campaign Infects 39,000+ WordPress Sites with Scam Redirects
Russian Hackers May Have Targeted Ukrainian Telecoms with Upgraded ‘AcidPour’ Malware
AndroxGh0st Malware Targets Laravel Apps to Steal Cloud Credentials
Making Sense of Operational Technology Attacks: The Past, Present, and Future
Ivanti Releases Urgent Fix for Critical Sentry RCE Vulnerability
Atlassian Releases Fixes for Over 2 Dozen Flaws, Including Critical Bamboo Bug
TeamCity Flaw Leads to Surge in Ransomware, Cryptomining, and RAT Attacks
Ukraine Arrests Trio for Hijacking Over 100 Million Email and Instagram Accounts
APIs Drive the Majority of Internet Traffic and Cybercriminals are Taking Advantage
From Deepfakes to Malware: AI’s Expanding Role in Cyber Attacks
Crafting and Communicating Your Cybersecurity Strategy for Board Buy-In
Suspected Russian Data-Wiping ‘AcidPour’ Malware Targeting Linux x86 Devices
New Phishing Attack Uses Clever Microsoft Office Trick to Deploy NetSupport RAT
New DEEP#GOSU Malware Campaign Targets Windows Users with Advanced Tactics
Fortra Patches Critical RCE Vulnerability in FileCatalyst Transfer Tool
Hackers Using Sneaky HTML Smuggling to Deliver Malware via Fake Google Sites
WordPress Admins Urged to Remove miniOrange Plugins Due to Critical Flaw