The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced sanctions against six...
The cyber attacks targeting the energy sector in Denmark last year may not have...
A security vulnerability has been disclosed in the LiteSpeed Cache plugin for WordPress that...
The threat actors behind the KV-botnet made “behavioral changes” to the malicious network as...
The malicious code inserted into the open-source library XZ Utils, a widely used package...
Users of the CrushFTP enterprise file transfer software are being urged to update to the latest version following the discovery of a...
A new Android trojan called SoumniBot has been detected in the wild targeting users in South Korea by leveraging weaknesses in the...
A previously undocumented “flexible” backdoor called Kapeka has been “sporadically” observed in cyber attacks targeting Eastern Europe, including Estonia and Ukraine, since...
Threat actors are exploiting unpatched Atlassian servers to deploy a Linux variant of Cerber (aka C3RB3R) ransomware. The attacks leverage CVE-2023-22518 (CVSS...
Cybersecurity researchers have discovered a new campaign that’s exploiting a recently disclosed security flaw in Fortinet FortiClient EMS devices to deliver ScreenConnect...
CVE-2024-31497 has emerged as a critical security flaw affecting PuTTY, a widely used SSH and Telnet client, from versions 0.68 through 0.80,...
The threat actor tracked as TA558 has been observed leveraging steganography as an obfuscation technique to deliver a wide range of malware...
New cybersecurity research has found that command-line interface (CLI) tools from Amazon Web Services (AWS) and Google Cloud can expose sensitive credentials...
The maintainers of the PuTTY Secure Shell (SSH) and Telnet client are alerting users of a critical vulnerability impacting versions from 0.68...
The U.S. Federal Trade Commission (FTC) has ordered mental telehealth company Cerebral from using or disclosing personal medical data for advertising purposes....
Two individuals have been arrested in Australia and the U.S. in connection with an alleged scheme to develop and distribute a remote...
A security flaw impacting the Lighttpd web server used in baseboard management controllers (BMCs) has remained unpatched by device vendors like Intel...
Imagine a world where the software that powers your favorite apps, secures your online transactions, and keeps your digital life could be...
The threat actor known as Muddled Libra has been observed actively targeting software-as-a-service (SaaS) applications and cloud service provider (CSP) environments in...
To minimize the risk of privilege misuse, a trend in the privileged access management (PAM) solution market involves implementing just-in-time (JIT) privileged...
Cybersecurity researchers have discovered a “renewed” cyber espionage campaign targeting users in South Asia with the aim of delivering an Apple iOS...
Palo Alto Networks has released hotfixes to address a maximum-severity security flaw impacting PAN-OS software that has come under active exploitation in...
The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) on Friday announced sanctions against an official associated with Hamas for his...
Threat actors have been exploiting the newly disclosed zero-day flaw in Palo Alto Networks PAN-OS software dating back to March 26, 2024,...
“Test files” associated with the XZ Utils backdoor have made their way to a Rust crate known as liblzma-sys, new findings from...
Critical Update: CrushFTP Zero-Day Flaw Exploited in Targeted Attacks
New Android Trojan ‘SoumniBot’ Evades Detection with Clever Tricks
Russian APT Deploys New ‘Kapeka’ Backdoor in Eastern European Attacks
Critical Atlassian Flaw Exploited to Deploy Linux Variant of Cerber Ransomware
Hackers Exploit Fortinet Flaw, Deploy ScreenConnect, Metasploit in New Campaign
Compromising Cryptographic Key Security Through PuTTY: A Deep Dive into CVE-2024-31497
TA558 Hackers Weaponize Images for Wide-Scale Malware Attacks
AWS, Google, and Azure CLI Tools Could Leak Credentials in Build Logs
Widely-Used PuTTY SSH Client Found Vulnerable to Key Recovery Attack
FTC Fines Mental Health Startup Cerebral $7 Million for Major Privacy Violations
Hive RAT Creators and $3.5M Cryptojacking Mastermind Arrested in Global Crackdown
Intel and Lenovo BMCs Contain Unpatched Lighttpd Server Flaw
AI Copilot: Launching Innovation Rockets, But Beware of the Darkness Ahead
Muddled Libra Shifts Focus to SaaS and Cloud for Extortion and Data Theft Attacks
Timing is Everything: The Role of Just-in-Time Privileged Access in Security Evolution
Chinese-Linked LightSpy iOS Spyware Targets South Asian iPhone Users
Palo Alto Networks Releases Urgent Fixes for Exploited PAN-OS Vulnerability
U.S. Treasury Hamas Spokesperson for Cyber Influence Operations
Hackers Deploy Python Backdoor in Palo Alto Zero-Day Attack
Popular Rust Crate liblzma-sys Compromised with XZ Utils Backdoor Files