The ransomware group known as Kasseika has become the latest to leverage the Bring Your Own Vulnerable Driver (BYOVD) attack to disarm...
In a world where more & more organizations are adopting open-source components as foundational blocks in their application’s infrastructure, it’s difficult to...
Governments from Australia, the U.K., and the U.S. have imposed financial sanctions on a Russian national for his alleged role in the...
A critical security flaw has been disclosed in Fortra’s GoAnywhere Managed File Transfer (MFT) software that could be abused to create a...
The threat actors behind ClearFake, SocGholish, and dozens of other actors have established partnerships with another entity known as VexTrio as part...
Cracked software have been observed infecting Apple macOS users with a previously undocumented stealer malware capable of harvesting system information and cryptocurrency...
Conor Brian Fitzpatrick has been sentenced to time served and 20 years of supervised release for his role as the creator and...
Malicious actors have begun to actively exploit a recently disclosed critical security flaw impacting Atlassian Confluence Data Center and Confluence Server, within...
Varonis Threat Labs has uncovered a significant vulnerability in Microsoft Outlook (CVE-2023-35636) that allows attackers to access NTLM v2 hashed passwords. This...
Media organizations and high-profile experts in North Korean affairs have been at the receiving end of a new campaign orchestrated by a...
Several public and popular libraries abandoned but still used in Java and Android applications have been found susceptible to a new software...
Cybersecurity researchers have discovered a new Java-based “sophisticated” information stealer that uses a Discord bot to exfiltrate sensitive data from compromised hosts....
We analyzed 2,5 million vulnerabilities we discovered in our customer’s assets. This is what we found. Digging into the data The dataset...
Cybersecurity researchers are warning of a “notable increase” in threat actor activity actively exploiting a now-patched flaw in Apache ActiveMQ to deliver...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday issued an emergency directive urging Federal Civilian Executive Branch (FCEB) agencies to...
The threat actor tracked as TA866 has resurfaced after a nine-month hiatus with a new large-volume phishing campaign to deliver known malware...
Pirated applications targeting Apple macOS users have been observed containing a backdoor capable of granting attackers remote control to infected machines. “These...
Vulnerable Docker services are being targeted by a novel campaign in which the threat actors are deploying XMRig cryptocurrency miner as well...
In today’s digital landscape, traditional password-only authentication systems have proven to be vulnerable to a wide range of cyberattacks. To safeguard critical...
Multiple security vulnerabilities have been disclosed in the TCP/IP network protocol stack of an open-source reference implementation of the Unified Extensible Firmware...
U.S. Treasury Sanctions Iranian Firms and Individuals Tied to Cyber Attacks
Researchers Detail Multistage Attack Hijacking Systems with SSLoad, Cobalt Strike
eScan Antivirus Update Mechanism Exploited to Spread Backdoors and Miners
CoralRaider Malware Campaign Exploits CDN Cache to Spread Info-Stealers
Apache Cordova App Harness Targeted in Dependency Confusion Attack
Russia’s APT28 Exploited Windows Print Spooler Flaw to Deploy ‘GooseEgg’ Malware
Ransomware Double-Dip: Re-Victimization in Cyber Extortion
Researchers Uncover Windows Flaws Granting Hackers Rootkit-Like Powers
Microsoft Warns: North Korean Hackers Turn to AI-Fueled Cyber Espionage
New RedLine Stealer Variant Disguised as Game Cheats Using Lua Bytecode for Stealth
Palo Alto Networks Discloses More Details on Critical PAN-OS Flaw Under Attack
Critical Update: CrushFTP Zero-Day Flaw Exploited in Targeted Attacks
BlackTech Targets Tech, Research, and Gov Sectors New ‘Deuterbear’ Tool
Hackers Target Middle East Governments with Evasive “CR4T” Backdoor
OfflRouter Malware Evades Detection in Ukraine for Almost a Decade
FIN7 Cybercrime Group Targeting U.S. Auto Industry with Carbanak Backdoor
New Android Trojan ‘SoumniBot’ Evades Detection with Clever Tricks
Malicious Google Ads Pushing Fake IP Scanner Software with Hidden Backdoor
Russian APT Deploys New ‘Kapeka’ Backdoor in Eastern European Attacks
GenAI: A New Headache for SaaS Security Teams