A security vulnerability has been disclosed in the LiteSpeed Cache plugin for WordPress that...
The threat actors behind the KV-botnet made “behavioral changes” to the malicious network as...
The malicious code inserted into the open-source library XZ Utils, a widely used package...
A security flaw impacting the Lighttpd web server used in baseboard management controllers (BMCs)...
The maintainers of the PuTTY Secure Shell (SSH) and Telnet client are alerting users...
Law enforcement agencies have officially seized control of the notorious BreachForums platform, an online bazaar known for peddling stolen data, for the...
Microsoft has addressed a total of 61 new security flaws in its software as part of its Patch Tuesday updates for May...
With the browser becoming the most prevalent workspace in the enterprise, it is also turning into a popular attack vector for cyber...
Cybersecurity researchers have disclosed multiple security flaws in Cinterion cellular modems that could be potentially exploited by threat actors to access sensitive...
The Black Basta ransomware-as-a-service (RaaS) operation has targeted more than 500 private industry and critical infrastructure entities in North America, Europe, and...
Cybersecurity researchers have identified a malicious Python package that purports to be an offshoot of the popular requests library and has been...
The financially motivated threat actor known as FIN7 has been observed leveraging malicious Google ads spoofing legitimate brands as a means to...
The North Korean threat actor tracked as Kimsuky has been observed deploying a previously undocumented Golang-based malware dubbed Durian as part of...
Google on Thursday released security updates to address a zero-day flaw in Chrome that it said has been actively exploited in the...
Malicious Android apps masquerading as Google, Instagram, Snapchat, WhatsApp, and X (formerly Twitter) have been observed to steal users’ credentials from compromised...
Polish government institutions have been targeted as part of a large-scale malware campaign orchestrated by a Russia-linked nation-state actor called APT28. “The...
Two recently disclosed security flaws in Ivanti Connect Secure (ICS) devices are being exploited to deploy the infamous Mirai botnet. That’s according...
Permissions in SaaS platforms like Salesforce, Workday, and Microsoft 365 are remarkably precise. They spell out exactly which users have access to...
״Defenders think in lists, attackers think in graphs,” said John Lambert from Microsoft, distilling the fundamental difference in mindset between those who...
A newer version of a malware loader called Hijack Loader has been observed incorporating an updated set of anti-analysis techniques to fly...
A high-severity flaw impacting the LiteSpeed Cache plugin for WordPress is being actively exploited by threat actors to create rogue admin accounts...
The U.K. National Crime Agency (NCA) has unmasked the administrator and developer of the LockBit ransomware operation, revealing it to be a...
The Iranian state-backed hacking outfit called APT42 is making use of enhanced social engineering schemes to infiltrate target networks and cloud environments....
The MITRE Corporation has offered more details into the recently disclosed cyber attack, stating that the first evidence of the intrusion now...
How safe is your comments section? Discover how a seemingly innocent ‘thank you’ comment on a product page concealed a malicious vulnerability,...
FBI Seizes BreachForums Again, Urges Users to Report Criminal Activity
Microsoft Patches 61 Flaws, Including Two Actively Exploited Zero-Days
The 2024 Browser Security Report Uncovers How Every Web Session Could be a Security Minefield
Severe Vulnerabilities in Cinterion Cellular Modems Pose Risks to Various Industries
Black Basta Ransomware Strikes 500+ Entities Across North America, Europe, and Australia
Malicious Python Package Hides Sliver C2 Framework in Fake Requests Library Logo
FIN7 Hacker Group Leverages Malicious Google Ads to Deliver NetSupport RAT
North Korean Hackers Deploy New Golang Malware ‘Durian’ Against Crypto Firms
Chrome Zero-Day Alert — Update Your Browser to Patch New Vulnerability
Malicious Android Apps Pose as Google, Instagram, WhatsApp to Steal Credentials
Kremlin-Backed APT28 Targets Polish Institutions in Large-Scale Malware Campaign
Mirai Botnet Exploits Ivanti Connect Secure Flaws for Malicious Payload Delivery
A SaaS Security Challenge: Getting Permissions All in One Place
The Fundamentals of Cloud Security Stress Testing
Hijack Loader Malware Employs Process Hollowing, UAC Bypass in Latest Version
Hackers Exploiting LiteSpeed Cache Bug to Gain Full Control of WordPress Sites
Russian Hacker Dmitry Khoroshev Unmasked as LockBit Ransomware Administrator
APT42 Hackers Pose as Journalists to Harvest Credentials and Access Cloud Data
China-Linked Hackers Used ROOTROT Webshell in MITRE Network Intrusion
New Case Study: The Malicious Comment