A security vulnerability has been disclosed in the LiteSpeed Cache plugin for WordPress that...
The threat actors behind the KV-botnet made “behavioral changes” to the malicious network as...
The malicious code inserted into the open-source library XZ Utils, a widely used package...
A security flaw impacting the Lighttpd web server used in baseboard management controllers (BMCs)...
The maintainers of the PuTTY Secure Shell (SSH) and Telnet client are alerting users...
Cybersecurity researchers have disclosed multiple security flaws in Cinterion cellular modems that could be potentially exploited by threat actors to access sensitive...
Cybersecurity researchers have identified a malicious Python package that purports to be an offshoot of the popular requests library and has been...
The financially motivated threat actor known as FIN7 has been observed leveraging malicious Google ads spoofing legitimate brands as a means to...
The North Korean threat actor tracked as Kimsuky has been observed deploying a previously undocumented Golang-based malware dubbed Durian as part of...
Google on Thursday released security updates to address a zero-day flaw in Chrome that it said has been actively exploited in the...
Malicious Android apps masquerading as Google, Instagram, Snapchat, WhatsApp, and X (formerly Twitter) have been observed to steal users’ credentials from compromised...
Polish government institutions have been targeted as part of a large-scale malware campaign orchestrated by a Russia-linked nation-state actor called APT28. “The...
Two recently disclosed security flaws in Ivanti Connect Secure (ICS) devices are being exploited to deploy the infamous Mirai botnet. That’s according...
״Defenders think in lists, attackers think in graphs,” said John Lambert from Microsoft, distilling the fundamental difference in mindset between those who...
A newer version of a malware loader called Hijack Loader has been observed incorporating an updated set of anti-analysis techniques to fly...
A high-severity flaw impacting the LiteSpeed Cache plugin for WordPress is being actively exploited by threat actors to create rogue admin accounts...
The U.K. National Crime Agency (NCA) has unmasked the administrator and developer of the LockBit ransomware operation, revealing it to be a...
The Iranian state-backed hacking outfit called APT42 is making use of enhanced social engineering schemes to infiltrate target networks and cloud environments....
The MITRE Corporation has offered more details into the recently disclosed cyber attack, stating that the first evidence of the intrusion now...
How safe is your comments section? Discover how a seemingly innocent ‘thank you’ comment on a product page concealed a malicious vulnerability,...
A significant security flaw, identified as CVE-2023-49606, has been reported by Cisco Talos in the widely used Tinyproxy software. This vulnerability, stemming...
The recently uncovered cyber espionage campaign targeting perimeter network devices from several vendors, including Cisco, may have been the work of China-linked...
Cybersecurity researchers have discovered a new information stealer targeting Apple macOS systems that’s designed to set up persistence on the infected hosts...
Czechia and Germany on Friday revealed that they were the target of a long-term cyber espionage campaign conducted by the Russia-linked nation-state...
Threat actors have been increasingly weaponizing Microsoft Graph API for malicious purposes with the aim of evading detection. This is done to...
Severe Vulnerabilities in Cinterion Cellular Modems Pose Risks to Various Industries
Malicious Python Package Hides Sliver C2 Framework in Fake Requests Library Logo
FIN7 Hacker Group Leverages Malicious Google Ads to Deliver NetSupport RAT
North Korean Hackers Deploy New Golang Malware ‘Durian’ Against Crypto Firms
Chrome Zero-Day Alert — Update Your Browser to Patch New Vulnerability
Malicious Android Apps Pose as Google, Instagram, WhatsApp to Steal Credentials
Kremlin-Backed APT28 Targets Polish Institutions in Large-Scale Malware Campaign
Mirai Botnet Exploits Ivanti Connect Secure Flaws for Malicious Payload Delivery
The Fundamentals of Cloud Security Stress Testing
Hijack Loader Malware Employs Process Hollowing, UAC Bypass in Latest Version
Hackers Exploiting LiteSpeed Cache Bug to Gain Full Control of WordPress Sites
Russian Hacker Dmitry Khoroshev Unmasked as LockBit Ransomware Administrator
APT42 Hackers Pose as Journalists to Harvest Credentials and Access Cloud Data
China-Linked Hackers Used ROOTROT Webshell in MITRE Network Intrusion
New Case Study: The Malicious Comment
How Safe is Your TinyProxy? Step-by-Step Guide to Exploiting Tinyproxy’s Zero Day Vulnerability
China-Linked Hackers Suspected in ArcaneDoor Cyberattacks Targeting Network Devices
New ‘Cuckoo’ Persistent macOS Spyware Targeting Intel and Arm Macs
Microsoft Outlook Flaw Exploited by Russia’s APT28 to Hack Czech, German Entities
Hackers Increasingly Abusing Microsoft Graph API for Stealthy Malware Communications