A critical security flaw has been disclosed in Fortra’s GoAnywhere Managed File Transfer (MFT) software that could be abused to create a...
The threat actors behind ClearFake, SocGholish, and dozens of other actors have established partnerships with another entity known as VexTrio as part...
Cracked software have been observed infecting Apple macOS users with a previously undocumented stealer malware capable of harvesting system information and cryptocurrency...
Conor Brian Fitzpatrick has been sentenced to time served and 20 years of supervised release for his role as the creator and...
Malicious actors have begun to actively exploit a recently disclosed critical security flaw impacting Atlassian Confluence Data Center and Confluence Server, within...
Varonis Threat Labs has uncovered a significant vulnerability in Microsoft Outlook (CVE-2023-35636) that allows attackers to access NTLM v2 hashed passwords. This...
Media organizations and high-profile experts in North Korean affairs have been at the receiving end of a new campaign orchestrated by a...
Several public and popular libraries abandoned but still used in Java and Android applications have been found susceptible to a new software...
Cybersecurity researchers have discovered a new Java-based “sophisticated” information stealer that uses a Discord bot to exfiltrate sensitive data from compromised hosts....
We analyzed 2,5 million vulnerabilities we discovered in our customer’s assets. This is what we found. Digging into the data The dataset...
Cybersecurity researchers are warning of a “notable increase” in threat actor activity actively exploiting a now-patched flaw in Apache ActiveMQ to deliver...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday issued an emergency directive urging Federal Civilian Executive Branch (FCEB) agencies to...
The threat actor tracked as TA866 has resurfaced after a nine-month hiatus with a new large-volume phishing campaign to deliver known malware...
Pirated applications targeting Apple macOS users have been observed containing a backdoor capable of granting attackers remote control to infected machines. “These...
Vulnerable Docker services are being targeted by a novel campaign in which the threat actors are deploying XMRig cryptocurrency miner as well...
In today’s digital landscape, traditional password-only authentication systems have proven to be vulnerable to a wide range of cyberattacks. To safeguard critical...
Multiple security vulnerabilities have been disclosed in the TCP/IP network protocol stack of an open-source reference implementation of the Unified Extensible Firmware...
High-profile individuals working on Middle Eastern affairs at universities and research organizations in Belgium, France, Gaza, Israel, the U.K., and the U.S....
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) warned that threat actors deploying the AndroxGh0st...
Google Chrome has released its stable channel update version 20.0.6099.234 for Mac, 120.0.6099.224 for Linux, and 120.0.6099.224/225 for Windows. However, Google stated...
Kremlin-Backed APT28 Targets Polish Institutions in Large-Scale Malware Campaign
Russian Hacker Dmitry Khoroshev Unmasked as LockBit Ransomware Administrator
APT42 Hackers Pose as Journalists to Harvest Credentials and Access Cloud Data
China-Linked Hackers Used ROOTROT Webshell in MITRE Network Intrusion
New Case Study: The Malicious Comment
China-Linked Hackers Suspected in ArcaneDoor Cyberattacks Targeting Network Devices
New ‘Cuckoo’ Persistent macOS Spyware Targeting Intel and Arm Macs
Microsoft Outlook Flaw Exploited by Russia’s APT28 to Hack Czech, German Entities
Hackers Increasingly Abusing Microsoft Graph API for Stealthy Malware Communications
NSA, FBI Alert on N. Korean Hackers Spoofing Emails from Trusted Sources
Four Critical Vulnerabilities Expose HPE Aruba Devices to RCE Attacks
Popular Android Apps Like Xiaomi, WPS Office Vulnerable to File Overwrite Flaw
When is One Vulnerability Scanner Not Enough?
Dropbox Discloses Breach of Digital Signature Service Affecting All Users
New “Goldoon” Botnet Targets D-Link Routers With Decade-Old Flaw
CISA Warns of Active Exploitation of Severe GitLab Password Reset Vulnerability
New Cuttlefish Malware Hijacks Router Connections, Sniffs for Cloud Credentials
Android Malware Wpeeper Uses Compromised WordPress Sites to Hide C2 Servers
How to Make Your Employees Your First Line of Cyber Defense
ZLoader Malware Evolves with Anti-Analysis Trick from Zeus Banking Trojan