Cybersecurity researchers are calling attention to the “democratization” of the phishing ecosystem owing to the emergence of Telegram as an epicenter for...
The SEC isn’t giving SaaS a free pass. Applicable public companies, known as “registrants,” are now subject to cyber incident disclosure and...
A pair of recently disclosed zero-day flaws in Ivanti Connect Secure (ICS) virtual private network (VPN) devices have been exploited to deliver...
A Brazilian law enforcement operation has led to the arrest of several Brazilian operators in charge of the Grandoreiro malware. The Federal...
GitLab once again released fixes to address a critical security flaw in its Community Edition (CE) and Enterprise Edition (EE) that could...
The China-based threat actor known as Mustang Panda is suspected to have targeted Myanmar’s Ministry of Defence and Foreign Affairs as part...
Each New Year introduces a new set of challenges and opportunities for strengthening our cybersecurity posture. It’s the nature of the field...
Threat hunters have identified a new campaign that delivers the ZLoader malware, resurfacing nearly two years after the botnet’s infrastructure was dismantled...
Juniper Networks has released out-of-band updates to address high-severity flaws in SRX Series and EX Series that could be exploited by a...
Recent news about a critical vulnerability in Jenkins, identified as CVE-2024-23897, has raised significant concerns in the cybersecurity community. This vulnerability has...
A now-patched security flaw in Microsoft Outlook could be exploited by threat actors to access NT LAN Manager (NTLM) v2 hashed passwords...
In nearly every segment of our lives, AI (artificial intelligence) now makes a significant impact: It can deliver better healthcare diagnoses and...
Cybersecurity researchers have detected in the wild yet another variant of the Phobos ransomware family known as Faust. Fortinet FortiGuard Labs, which...
Cybersecurity researchers have identified malicious packages on the open-source Python Package Index (PyPI) repository that deliver an information stealing malware called WhiteSnake...
Mexican financial institutions are under the radar of a new spear-phishing campaign that delivers a modified version of an open-source remote access...
Chinese-speaking users have been targeted by malicious Google ads for restricted messaging apps like Telegram as part of an ongoing malvertising campaign....
Microsoft on Thursday said the Russian state-sponsored threat actors responsible for a cyber attack on its systems in late November 2023 have...
40-year-old Russian national Vladimir Dunaev has been sentenced to five years and four months in prison for his role in creating and...
Cisco has released patches to address a critical security flaw impacting Unified Communications and Contact Center Solutions products that could permit an...
Cybersecurity researchers have shed light on the command-and-control (C2) server workings of a known malware family called SystemBC. “SystemBC can be purchased...
Hackers Exploiting WP-Automatic Plugin Bug to Create Admin Accounts on WordPress Sites
State-Sponsored Hackers Exploit Two Cisco Zero-Day Vulnerabilities for Espionage
U.S. Treasury Sanctions Iranian Firms and Individuals Tied to Cyber Attacks
Researchers Detail Multistage Attack Hijacking Systems with SSLoad, Cobalt Strike
eScan Antivirus Update Mechanism Exploited to Spread Backdoors and Miners
CoralRaider Malware Campaign Exploits CDN Cache to Spread Info-Stealers
Apache Cordova App Harness Targeted in Dependency Confusion Attack
Unmasking the True Cost of Cyberattacks: Beyond Ransom and Recovery
Russia’s APT28 Exploited Windows Print Spooler Flaw to Deploy ‘GooseEgg’ Malware
ToddyCat Hacker Group Uses Advanced Tools for Industrial-Scale Data Theft
Ransomware Double-Dip: Re-Victimization in Cyber Extortion
Researchers Uncover Windows Flaws Granting Hackers Rootkit-Like Powers
Microsoft Warns: North Korean Hackers Turn to AI-Fueled Cyber Espionage
New RedLine Stealer Variant Disguised as Game Cheats Using Lua Bytecode for Stealth
Palo Alto Networks Discloses More Details on Critical PAN-OS Flaw Under Attack
Critical Update: CrushFTP Zero-Day Flaw Exploited in Targeted Attacks
BlackTech Targets Tech, Research, and Gov Sectors New ‘Deuterbear’ Tool
Hackers Target Middle East Governments with Evasive “CR4T” Backdoor
OfflRouter Malware Evades Detection in Ukraine for Almost a Decade
FIN7 Cybercrime Group Targeting U.S. Auto Industry with Carbanak Backdoor