Cisco has released patches to address a high-severity security flaw impacting its Secure Client software that could be exploited by a threat...
Threat actors have been observed leveraging the QEMU open-source hardware emulator as tunneling software during a cyber attack targeting an unnamed “large...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting JetBrains TeamCity On-Premises software to its...
Threat actors are conducting brute-force attacks against WordPress sites by leveraging malicious JavaScript injections, new findings from Sucuri reveal. The attacks, which...
The China-linked threat actor known as Evasive Panda orchestrated both watering hole and supply chain attacks targeting Tibetan users at least since...
In today’s rapidly evolving SaaS environment, the focus is on human users. This is one of the most compromised areas in SaaS...
The U.S. Department of Justice (DoJ) announced the indictment of a 38-year-old Chinese national and a California resident for allegedly stealing proprietary...
Facebook messages are being used by threat actors to distribute a Python-based information stealer dubbed Snake that’s designed to capture credentials and...
Threat actors have been leveraging fake websites advertising popular video conferencing software such as Google Meet, Skype, and Zoom to deliver a...
In the interconnected world of modern software development, Application Programming Interfaces (APIs) play a pivotal role in enabling systems to communicate and...
Threat actors are targeting misconfigured and vulnerable servers running Apache Hadoop YARN, Docker, Atlassian Confluence, and Redis services as part of an...
The threat actors behind the BlackCat ransomware have shut down their darknet website and likely pulled an exit scam after uploading a...
The U.S. Department of Treasury’s Office of Foreign Assets Control (OFAC) sanctioned two individuals and five entities associated with the Intellexa Alliance...
VMware has released patches to address four security flaws impacting ESXi, Workstation, and Fusion, including two critical flaws that could lead to...
The cybercrime group called GhostSec has been linked to a Golang variant of a ransomware family called GhostLocker. “TheGhostSec and Stormous ransomware...
A financial entity in Vietnam was the target of a previously undocumented threat actor called Lotus Bane as part of a cyber...
Apple has released security updates to address several security flaws, including two vulnerabilities that it said have been actively exploited in the...
North Korean threat actors have exploited the recently disclosed security flaws in ConnectWise ScreenConnect to deploy a new malware called TODDLERSHARK. According...
A new DNS threat actor dubbed Savvy Seahorse is leveraging sophisticated techniques to entice targets into fake investment platforms and steal funds....
More than 225,000 logs containing compromised OpenAI ChatGPT credentials were made available for sale on underground markets between January and October 2023,...
FBI Seizes BreachForums Again, Urges Users to Report Criminal Activity
Microsoft Patches 61 Flaws, Including Two Actively Exploited Zero-Days
The 2024 Browser Security Report Uncovers How Every Web Session Could be a Security Minefield
Severe Vulnerabilities in Cinterion Cellular Modems Pose Risks to Various Industries
Black Basta Ransomware Strikes 500+ Entities Across North America, Europe, and Australia
Malicious Python Package Hides Sliver C2 Framework in Fake Requests Library Logo
FIN7 Hacker Group Leverages Malicious Google Ads to Deliver NetSupport RAT
North Korean Hackers Deploy New Golang Malware ‘Durian’ Against Crypto Firms
Chrome Zero-Day Alert — Update Your Browser to Patch New Vulnerability
Malicious Android Apps Pose as Google, Instagram, WhatsApp to Steal Credentials
Kremlin-Backed APT28 Targets Polish Institutions in Large-Scale Malware Campaign
Mirai Botnet Exploits Ivanti Connect Secure Flaws for Malicious Payload Delivery
A SaaS Security Challenge: Getting Permissions All in One Place
The Fundamentals of Cloud Security Stress Testing
Hijack Loader Malware Employs Process Hollowing, UAC Bypass in Latest Version
Hackers Exploiting LiteSpeed Cache Bug to Gain Full Control of WordPress Sites
Russian Hacker Dmitry Khoroshev Unmasked as LockBit Ransomware Administrator
APT42 Hackers Pose as Journalists to Harvest Credentials and Access Cloud Data
China-Linked Hackers Used ROOTROT Webshell in MITRE Network Intrusion
New Case Study: The Malicious Comment