With many of the highly publicized 2023 cyber attacks revolving around one or more SaaS applications, SaaS has become a cause for...
A Chinese-speaking threat actor codenamed GoldFactory has been attributed to the development of highly sophisticated banking trojans, including a previously undocumented iOS...
Microsoft on Wednesday acknowledged that a newly disclosed critical security flaw in Exchange Server has been actively exploited in the wild, a...
Nation-state actors associated with Russia, North Korea, Iran, and China are experimenting with artificial intelligence (AI) and large language models (LLMs) to...
Cybersecurity researchers have found that it’s possible for threat actors to exploit a well-known utility called command-not-found to recommend their own rogue...
The landscape of cybersecurity in financial services is undergoing a rapid transformation. Cybercriminals are exploiting advanced technologies and methodologies, making traditional security...
The infamous malware loader and initial access broker known as Bumblebee has resurfaced after a four-month absence as part of a new...
A newly disclosed security flaw in the Microsoft Defender SmartScreen has been exploited as a zero-day by an advanced persistent threat actor...
Microsoft has released patches to address 73 security flaws spanning its software lineup as part of its Patch Tuesday updates for February...
Threat actors are leveraging a recently disclosed security flaw impacting Ivanti Connect Secure, Policy Secure, and ZTA gateways to deploy a backdoor...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a medium-severity security flaw impacting Roundcube email software to its Known...
The U.S. Justice Department (DoJ) on Friday announced the seizure of online infrastructure that was used to sell a remote access trojan...
Apple macOS users are the target of a new Rust-based backdoor that has been operating under the radar since November 2023. The...
The operators of Raspberry Robin are now using two new one-day exploits to achieve local privilege escalation, even as the malware continues...
Threat hunters have identified a new variant of Android malware called MoqHao that automatically executes on infected devices without requiring any user...
Introduction The modern software supply chain represents an ever-evolving threat landscape, with each package added to the manifest introducing new attack vectors....
Fortinet has disclosed a new critical security flaw in FortiOS SSL VPN that it said is likely being exploited in the wild....
Ivanti has alerted customers of yet another high-severity security flaw in its Connect Secure, Policy Secure, and ZTA gateway devices that could...
An unnamed Islamic non-profit organization in Saudi Arabia has been targeted as part of a stealthy cyber espionage campaign designed to drop...
The Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the National Security Agency (NSA), Federal Bureau of Investigation (FBI), and international...
Russian APT Deploys New ‘Kapeka’ Backdoor in Eastern European Attacks
Critical Atlassian Flaw Exploited to Deploy Linux Variant of Cerber Ransomware
Hackers Exploit Fortinet Flaw, Deploy ScreenConnect, Metasploit in New Campaign
TA558 Hackers Weaponize Images for Wide-Scale Malware Attacks
AWS, Google, and Azure CLI Tools Could Leak Credentials in Build Logs
Widely-Used PuTTY SSH Client Found Vulnerable to Key Recovery Attack
Hive RAT Creators and $3.5M Cryptojacking Mastermind Arrested in Global Crackdown
Intel and Lenovo BMCs Contain Unpatched Lighttpd Server Flaw
AI Copilot: Launching Innovation Rockets, But Beware of the Darkness Ahead
Chinese-Linked LightSpy iOS Spyware Targets South Asian iPhone Users
Palo Alto Networks Releases Urgent Fixes for Exploited PAN-OS Vulnerability
U.S. Treasury Hamas Spokesperson for Cyber Influence Operations
Hackers Deploy Python Backdoor in Palo Alto Zero-Day Attack
Popular Rust Crate liblzma-sys Compromised with XZ Utils Backdoor Files
Iranian MuddyWater Hackers Adopt New C2 Tool ‘DarkBeatC2’ in Latest Campaign
Zero-Day Alert: Critical Palo Alto Networks PAN-OS Flaw Under Active Attack
Sneaky Credit Card Skimmer Disguised as Harmless Facebook Tracker
U.S. Federal Agencies Ordered to Hunt for Signs of Microsoft Breach and Mitigate Risks
TA547 Phishing Attack Hits German Firms with Rhadamanthys Stealer
Python’s PyPI Reveals Its Secrets