The Russia-linked threat actor known as Turla has been observed using a new backdoor called TinyTurla-NG as part of a three-month-long campaign...
A reverse engineering of the firmware running on Ivanti Pulse Secure appliances has revealed numerous weaknesses, once again underscoring the challenge of...
With many of the highly publicized 2023 cyber attacks revolving around one or more SaaS applications, SaaS has become a cause for...
A Chinese-speaking threat actor codenamed GoldFactory has been attributed to the development of highly sophisticated banking trojans, including a previously undocumented iOS...
Microsoft on Wednesday acknowledged that a newly disclosed critical security flaw in Exchange Server has been actively exploited in the wild, a...
Nation-state actors associated with Russia, North Korea, Iran, and China are experimenting with artificial intelligence (AI) and large language models (LLMs) to...
Cybersecurity researchers have found that it’s possible for threat actors to exploit a well-known utility called command-not-found to recommend their own rogue...
The landscape of cybersecurity in financial services is undergoing a rapid transformation. Cybercriminals are exploiting advanced technologies and methodologies, making traditional security...
The infamous malware loader and initial access broker known as Bumblebee has resurfaced after a four-month absence as part of a new...
A newly disclosed security flaw in the Microsoft Defender SmartScreen has been exploited as a zero-day by an advanced persistent threat actor...
Microsoft has released patches to address 73 security flaws spanning its software lineup as part of its Patch Tuesday updates for February...
Threat actors are leveraging a recently disclosed security flaw impacting Ivanti Connect Secure, Policy Secure, and ZTA gateways to deploy a backdoor...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a medium-severity security flaw impacting Roundcube email software to its Known...
The U.S. Justice Department (DoJ) on Friday announced the seizure of online infrastructure that was used to sell a remote access trojan...
Apple macOS users are the target of a new Rust-based backdoor that has been operating under the radar since November 2023. The...
The operators of Raspberry Robin are now using two new one-day exploits to achieve local privilege escalation, even as the malware continues...
Threat hunters have identified a new variant of Android malware called MoqHao that automatically executes on infected devices without requiring any user...
Introduction The modern software supply chain represents an ever-evolving threat landscape, with each package added to the manifest introducing new attack vectors....
Fortinet has disclosed a new critical security flaw in FortiOS SSL VPN that it said is likely being exploited in the wild....
Ivanti has alerted customers of yet another high-severity security flaw in its Connect Secure, Policy Secure, and ZTA gateway devices that could...
Kremlin-Backed APT28 Targets Polish Institutions in Large-Scale Malware Campaign
Russian Hacker Dmitry Khoroshev Unmasked as LockBit Ransomware Administrator
APT42 Hackers Pose as Journalists to Harvest Credentials and Access Cloud Data
China-Linked Hackers Used ROOTROT Webshell in MITRE Network Intrusion
New Case Study: The Malicious Comment
China-Linked Hackers Suspected in ArcaneDoor Cyberattacks Targeting Network Devices
New ‘Cuckoo’ Persistent macOS Spyware Targeting Intel and Arm Macs
Microsoft Outlook Flaw Exploited by Russia’s APT28 to Hack Czech, German Entities
Hackers Increasingly Abusing Microsoft Graph API for Stealthy Malware Communications
NSA, FBI Alert on N. Korean Hackers Spoofing Emails from Trusted Sources
Four Critical Vulnerabilities Expose HPE Aruba Devices to RCE Attacks
Popular Android Apps Like Xiaomi, WPS Office Vulnerable to File Overwrite Flaw
When is One Vulnerability Scanner Not Enough?
Dropbox Discloses Breach of Digital Signature Service Affecting All Users
New “Goldoon” Botnet Targets D-Link Routers With Decade-Old Flaw
CISA Warns of Active Exploitation of Severe GitLab Password Reset Vulnerability
New Cuttlefish Malware Hijacks Router Connections, Sniffs for Cloud Credentials
Android Malware Wpeeper Uses Compromised WordPress Sites to Hide C2 Servers
How to Make Your Employees Your First Line of Cyber Defense
ZLoader Malware Evolves with Anti-Analysis Trick from Zeus Banking Trojan