At least two different suspected China-linked cyber espionage clusters, tracked as UNC5325 and UNC3886, have been attributed to the exploitation of security...
An Iran-nexus threat actor known as UNC1549 has been attributed with medium confidence to a new set of attacks targeting aerospace, aviation,...
Traditional perimeter-based security has become costly and ineffective. As a result, communications security between people, systems, and networks is more important than...
Mexican users have been targeted with tax-themed phishing lures at least since November 2023 to distribute a previously undocumented Windows malware called...
In a new joint advisory, cybersecurity and intelligence agencies from the U.S. and other countries are urging users of Ubiquiti EdgeRouter to...
A security vulnerability has been disclosed in the LiteSpeed Cache plugin for WordPress that could enable unauthenticated users to escalate their privileges....
An “intricately designed” remote access trojan (RAT) called Xeno RAT has been made available on GitHub, making it easily accessible to other...
Processing alerts quickly and efficiently is the cornerstone of a Security Operations Center (SOC) professional’s role. Threat intelligence platforms can significantly enhance...
Cybersecurity researchers have found that it’s possible to compromise the Hugging Face Safetensors conversion service to ultimately hijack the models submitted by...
A critical security flaw has been disclosed in a popular WordPress plugin called Ultimate Member that has more than 200,000 active installations....
Ukrainian entities based in Finland have been targeted as part of a malicious campaign distributing a commercial remote access trojan known as...
More than 8,000 domains and 13,000 subdomains belonging to legitimate brands and institutions have been hijacked as part of a sophisticated distribution...
Last year, the Open Worldwide Application Security Project (OWASP) published multiple versions of the “OWASP Top 10 For Large Language Models,” reaching...
Cybersecurity researchers are warning about a spike in email phishing campaigns that are weaponizing the Google Cloud Run service to deliver various...
The threat actors behind the LockBit ransomware operation have resurfaced on the dark web using new infrastructure, days after an international law...
LockBitSupp, the individual(s) behind the persona representing the LockBit ransomware service on cybercrime forums such as Exploit and XSS, “has engaged with...
A dormant package available on the Python Package Index (PyPI) repository was updated nearly after two years to propagate an information stealer...
Microsoft has released an open access automation framework called PyRIT (short for Python Risk Identification Tool) to proactively identify risks in generative...
A recently open-sourced network mapping tool called SSH-Snake has been repurposed by threat actors to conduct malicious activities. “SSH-Snake is a self-modifying...
An installer for a tool likely used by the Russian Consular Department of the Ministry of Foreign Affairs (MID) has been backdoored...
Are Your SaaS Backups as Secure as Your Production Data?
MS Exchange Server Flaws Exploited to Deploy Keylogger in Targeted Attacks
SolarMarker Malware Evolves to Resist Takedown Attempts with Multi-Tiered Infrastructure
“Linguistic Lumberjack” Vulnerability Discovered in Popular Logging Utility Fluent Bit
Foxit PDF Reader Flaw Exploited by Hackers to Deliver Diverse Malware Arsenal
Defending Your Commits From Known CVEs With GitGuardian SCA And Git Hooks
Cyber Criminals Exploit GitHub and FileZilla to Deliver Malware Cocktail
Latrodectus Malware Loader Emerges as IcedID’s Successor in Phishing Campaigns
Grandoreiro Banking Trojan Resurfaces, Targeting Over 1,500 Banks Worldwide
Kinsing Hacker Group Exploits More Flaws to Expand Botnet for Cryptojacking
China-Linked Hackers Adopt Two-Stage Infection Tactic to Deploy Deuterbear RAT
Kimsuky APT Deploying Linux Backdoor Gomir in South Korean Cyber Attacks
New Wi-Fi Vulnerability Enables Network Eavesdropping via Downgrade Attacks
North Korean Hackers Exploit Facebook Messenger in Targeted Malware Campaign
Cybercriminals Exploiting Microsoft’s Quick Assist Feature in Ransomware Attacks
Google Patches Yet Another Actively Exploited Chrome Zero-Day Vulnerability
FBI Seizes BreachForums Again, Urges Users to Report Criminal Activity
Android 15 Rolls Out Advanced Features to Protect Users from Scams and Malicious Apps
Turla Group Deploys LunarWeb and LunarMail Backdoors in Diplomatic Missions
(Cyber) Risk = Probability of Occurrence x Damage