Between crossovers – Do threat actors play dirty or desperate? In our dataset of over 11,000 victim organizations that have experienced a...
New research has found that the DOS-to-NT path conversion process could be exploited by threat actors to achieve rootkit-like capabilities to conceal...
Microsoft has revealed that North Korea-linked state-sponsored cyber actors have begun to use artificial intelligence (AI) to make their operations more effective...
A new information stealer has been found leveraging Lua bytecode for added stealth and sophistication, findings from McAfee Labs reveal. The cybersecurity...
Palo Alto Networks has shared more details of a critical security flaw impacting PAN-OS that has come under active exploitation in the...
Users of the CrushFTP enterprise file transfer software are being urged to update to the latest version following the discovery of a...
Technology, research, and government sectors in the Asia-Pacific region have been targeted by a threat actor called BlackTech as part of a...
Government entities in the Middle East have been targeted as part of a previously undocumented campaign to deliver a new backdoor dubbed...
Select Ukrainian government networks have remained infected with a malware called OfflRouter since 2015. Cisco Talos said its findings are based on...
The infamous cybercrime syndicate known as FIN7 has been linked to a spear-phishing campaign targeting the U.S. automotive industry to deliver a...
Super Low RPO with Continuous Data Protection: Dial Back to Just Seconds Before an Attack Zerto, a Hewlett Packard Enterprise company, can...
A new Android trojan called SoumniBot has been detected in the wild targeting users in South Korea by leveraging weaknesses in the...
A new Google malvertising campaign is leveraging a cluster of domains mimicking a legitimate IP scanner software to deliver a previously unknown...
A previously undocumented “flexible” backdoor called Kapeka has been “sporadically” observed in cyber attacks targeting Eastern Europe, including Estonia and Ukraine, since...
The introduction of Open AI’s ChatGPT was a defining moment for the software industry, touching off a GenAI race with its November...
Threat actors are exploiting unpatched Atlassian servers to deploy a Linux variant of Cerber (aka C3RB3R) ransomware. The attacks leverage CVE-2023-22518 (CVSS...
Cybersecurity researchers have discovered a new campaign that’s exploiting a recently disclosed security flaw in Fortinet FortiClient EMS devices to deliver ScreenConnect...
CVE-2024-31497 has emerged as a critical security flaw affecting PuTTY, a widely used SSH and Telnet client, from versions 0.68 through 0.80,...
The threat actor tracked as TA558 has been observed leveraging steganography as an obfuscation technique to deliver a wide range of malware...
New cybersecurity research has found that command-line interface (CLI) tools from Amazon Web Services (AWS) and Google Cloud can expose sensitive credentials...
Millions of Malicious ‘Imageless’ Containers Planted on Docker Hub Over 5 Years
New U.K. Law Bans Default Passwords on Smart Devices Starting April 2024
Google Prevented 2.28 Million Malicious Apps from Reaching Play Store in 2023
Sandbox Escape Vulnerabilities in Judge0 Expose Systems to Complete Takeover
Okta Warns of Unprecedented Surge in Proxy-Driven Credential Stuffing Attacks
Ukraine Targeted in Cyberattack Exploiting 7-Year-Old Microsoft Office Flaw
Bogus npm Packages Used to Trick Software Developers into Installing Malware
New ‘Brokewell’ Android Malware Spread Through Fake Browser Updates
Hackers Exploiting WP-Automatic Plugin Bug to Create Admin Accounts on WordPress Sites
North Korea’s Lazarus Group Deploys New Kaolin RAT via Fake Job Lures
Network Threats: A Step-by-Step Attack Demonstration
State-Sponsored Hackers Exploit Two Cisco Zero-Day Vulnerabilities for Espionage
U.S. Treasury Sanctions Iranian Firms and Individuals Tied to Cyber Attacks
Researchers Detail Multistage Attack Hijacking Systems with SSLoad, Cobalt Strike
eScan Antivirus Update Mechanism Exploited to Spread Backdoors and Miners
CoralRaider Malware Campaign Exploits CDN Cache to Spread Info-Stealers
Apache Cordova App Harness Targeted in Dependency Confusion Attack
Unmasking the True Cost of Cyberattacks: Beyond Ransom and Recovery
Russia’s APT28 Exploited Windows Print Spooler Flaw to Deploy ‘GooseEgg’ Malware
ToddyCat Hacker Group Uses Advanced Tools for Industrial-Scale Data Theft