Cybersecurity researchers have discovered an ongoing attack campaign that’s leveraging phishing emails to deliver malware called SSLoad. The campaign, codenamed FROZEN#SHADOW by...
A new malware campaign has been exploiting the updating mechanism of the eScan antivirus software to distribute backdoors and cryptocurrency miners like...
A new ongoing malware campaign has been observed distributing three different stealers, such as CryptBot, LummaC2, and Rhadamanthys hosted on Content Delivery...
Researchers have identified a dependency confusion vulnerability impacting an archived Apache project called Cordova App Harness. Dependency confusion attacks take place owing...
Cybersecurity breaches can be devastating for both individuals and businesses alike. While many people tend to focus on understanding how and why...
The Russia-linked nation-state threat actor tracked as APT28 weaponized a security flaw in the Microsoft Windows Print Spooler component to deliver a...
The threat actor known as ToddyCat has been observed using a wide range of tools to retain access to compromised environments and...
Between crossovers – Do threat actors play dirty or desperate? In our dataset of over 11,000 victim organizations that have experienced a...
New research has found that the DOS-to-NT path conversion process could be exploited by threat actors to achieve rootkit-like capabilities to conceal...
Microsoft has revealed that North Korea-linked state-sponsored cyber actors have begun to use artificial intelligence (AI) to make their operations more effective...
A new information stealer has been found leveraging Lua bytecode for added stealth and sophistication, findings from McAfee Labs reveal. The cybersecurity...
Palo Alto Networks has shared more details of a critical security flaw impacting PAN-OS that has come under active exploitation in the...
Users of the CrushFTP enterprise file transfer software are being urged to update to the latest version following the discovery of a...
Technology, research, and government sectors in the Asia-Pacific region have been targeted by a threat actor called BlackTech as part of a...
Government entities in the Middle East have been targeted as part of a previously undocumented campaign to deliver a new backdoor dubbed...
Select Ukrainian government networks have remained infected with a malware called OfflRouter since 2015. Cisco Talos said its findings are based on...
The infamous cybercrime syndicate known as FIN7 has been linked to a spear-phishing campaign targeting the U.S. automotive industry to deliver a...
Super Low RPO with Continuous Data Protection: Dial Back to Just Seconds Before an Attack Zerto, a Hewlett Packard Enterprise company, can...
A new Android trojan called SoumniBot has been detected in the wild targeting users in South Korea by leveraging weaknesses in the...
A new Google malvertising campaign is leveraging a cluster of domains mimicking a legitimate IP scanner software to deliver a previously unknown...
Microsoft Outlook Flaw Exploited by Russia’s APT28 to Hack Czech, German Entities
Popular Android Apps Like Xiaomi, WPS Office Vulnerable to File Overwrite Flaw
Dropbox Discloses Breach of Digital Signature Service Affecting All Users
CISA Warns of Active Exploitation of Severe GitLab Password Reset Vulnerability
New Cuttlefish Malware Hijacks Router Connections, Sniffs for Cloud Credentials
Android Malware Wpeeper Uses Compromised WordPress Sites to Hide C2 Servers
Millions of Malicious ‘Imageless’ Containers Planted on Docker Hub Over 5 Years
New U.K. Law Bans Default Passwords on Smart Devices Starting April 2024
Google Prevented 2.28 Million Malicious Apps from Reaching Play Store in 2023
Navigating the Threat Landscape: Understanding Exposure Management, Pentesting, Red Teaming and RBVM
Sandbox Escape Vulnerabilities in Judge0 Expose Systems to Complete Takeover
Okta Warns of Unprecedented Surge in Proxy-Driven Credential Stuffing Attacks
Ukraine Targeted in Cyberattack Exploiting 7-Year-Old Microsoft Office Flaw
Bogus npm Packages Used to Trick Software Developers into Installing Malware
New ‘Brokewell’ Android Malware Spread Through Fake Browser Updates
Hackers Exploiting WP-Automatic Plugin Bug to Create Admin Accounts on WordPress Sites
North Korea’s Lazarus Group Deploys New Kaolin RAT via Fake Job Lures
Network Threats: A Step-by-Step Attack Demonstration
State-Sponsored Hackers Exploit Two Cisco Zero-Day Vulnerabilities for Espionage
U.S. Treasury Sanctions Iranian Firms and Individuals Tied to Cyber Attacks