Threat actors are actively scanning and exploiting a pair of security flaws that are said to affect as many as 92,000 internet-exposed...
Threat hunters have discovered a new malware called Latrodectus that has been distributed as part of email phishing campaigns since at least...
The ransomware industry surged in 2023 as it saw an alarming 55.5% increase in victims worldwide, reaching a staggering 5,070. But 2024...
A new phishing campaign has set its eyes on the Latin American region to deliver malicious payloads to Windows systems. “The phishing...
Google has filed a lawsuit in the U.S. against two app developers for allegedly engaging in an “international online consumer investment fraud...
Threat actors have been found exploiting a critical flaw in Magento to inject a persistent backdoor into e-commerce websites. The attack leverages...
Bogus installers for Adobe Acrobat Reader are being used to distribute a new multi-functional malware dubbed Byakugan. The starting point of the...
A suspected Vietnamese-origin threat actor has been observed targeting victims in several Asian and Southeast Asian countries with malware designed to harvest...
An updated version of an information-stealing malware called Rhadamanthys is being used in phishing campaigns targeting the oil and gas sector. “The...
Operational Technology (OT) refers to the hardware and software used to change, monitor, or control the enterprise’s physical devices, processes, and events....
New research has found that the CONTINUATION frame in the HTTP/2 protocol can be exploited to conduct denial-of-service (DoS) attacks. The technique...
The U.S. Cyber Safety Review Board (CSRB) has criticized Microsoft for a series of security lapses that led to the breach of...
Google on Tuesday said it’s piloting a new feature in Chrome called Device Bound Session Credentials (DBSC) to help protect users against...
The banking trojan known as Mispadu has expanded its focus beyond Latin America (LATAM) and Spanish-speaking individuals to target users in Italy,...
A critical security flaw impacting the LayerSlider plugin for WordPress could be abused to extract sensitive information from databases, such as password...
In an unsettling development that emerged late last week, the open-source community was thrust into a state of high alert following the...
The malicious code inserted into the open-source library XZ Utils, a widely used package present in major Linux distributions, is also capable...
A threat activity cluster tracked as Earth Freybug has been observed using a new malware called UNAPIMON to fly under the radar....
The threat actor known as TA558 has been attributed to a new massive phishing campaign that targets a wide range of sectors...
Despite a plethora of available security solutions, more and more organizations fall victim to Ransomware and other threats. These continued threats aren’t...
Critical Update: CrushFTP Zero-Day Flaw Exploited in Targeted Attacks
New Android Trojan ‘SoumniBot’ Evades Detection with Clever Tricks
Russian APT Deploys New ‘Kapeka’ Backdoor in Eastern European Attacks
Critical Atlassian Flaw Exploited to Deploy Linux Variant of Cerber Ransomware
Hackers Exploit Fortinet Flaw, Deploy ScreenConnect, Metasploit in New Campaign
Compromising Cryptographic Key Security Through PuTTY: A Deep Dive into CVE-2024-31497
TA558 Hackers Weaponize Images for Wide-Scale Malware Attacks
AWS, Google, and Azure CLI Tools Could Leak Credentials in Build Logs
Widely-Used PuTTY SSH Client Found Vulnerable to Key Recovery Attack
FTC Fines Mental Health Startup Cerebral $7 Million for Major Privacy Violations
Hive RAT Creators and $3.5M Cryptojacking Mastermind Arrested in Global Crackdown
Intel and Lenovo BMCs Contain Unpatched Lighttpd Server Flaw
AI Copilot: Launching Innovation Rockets, But Beware of the Darkness Ahead
Muddled Libra Shifts Focus to SaaS and Cloud for Extortion and Data Theft Attacks
Timing is Everything: The Role of Just-in-Time Privileged Access in Security Evolution
Chinese-Linked LightSpy iOS Spyware Targets South Asian iPhone Users
Palo Alto Networks Releases Urgent Fixes for Exploited PAN-OS Vulnerability
U.S. Treasury Hamas Spokesperson for Cyber Influence Operations
Hackers Deploy Python Backdoor in Palo Alto Zero-Day Attack
Popular Rust Crate liblzma-sys Compromised with XZ Utils Backdoor Files