Cybercriminals are using a network of hired money mules in India using an Android-based application to orchestrate a massive money laundering scheme....
A company’s lifecycle stage, size, and state have a significant impact on its security needs, policies, and priorities. This is particularly true...
As many as 100 malicious artificial intelligence (AI)/machine learning (ML) models have been discovered in the Hugging Face platform. These include instances...
U.S. cybersecurity and intelligence agencies have warned of Phobos ransomware attacks targeting government and critical infrastructure entities, outlining the various tactics and...
A U.S. judge has ordered NSO Group to hand over its source code for Pegasus and other remote access trojans to Meta...
Cybersecurity researchers have discovered a new Linux variant of a remote access trojan (RAT) called BIFROSE (aka Bifrost) that uses a deceptive...
The Five Eyes (FVEY) intelligence alliance has issued a new cybersecurity advisory warning of cyber threat actors exploiting known security flaws in...
GitHub on Thursday announced that it’s enabling secret scanning push protection by default for all pushes to public repositories. “This means that...
Threat hunters have discovered a new Linux malware called GTPDOOR that’s designed to be deployed in telecom networks that are adjacent to...
The notorious Lazarus Group actors exploited a recently patched privilege escalation flaw in the Windows Kernel as a zero-day to obtain kernel-level...
As an IT leader, staying on top of the latest cybersecurity developments is essential to keeping your organization safe. But with threats...
A previously undocumented threat actor dubbed SPIKEDWINE has been observed targeting officials in European countries with Indian diplomatic missions using a new...
The notorious North Korean state-backed hacking group Lazarus uploaded four packages to the Python Package Index (PyPI) repository with the goal of...
At least two different suspected China-linked cyber espionage clusters, tracked as UNC5325 and UNC3886, have been attributed to the exploitation of security...
An Iran-nexus threat actor known as UNC1549 has been attributed with medium confidence to a new set of attacks targeting aerospace, aviation,...
Traditional perimeter-based security has become costly and ineffective. As a result, communications security between people, systems, and networks is more important than...
Mexican users have been targeted with tax-themed phishing lures at least since November 2023 to distribute a previously undocumented Windows malware called...
In a new joint advisory, cybersecurity and intelligence agencies from the U.S. and other countries are urging users of Ubiquiti EdgeRouter to...
A security vulnerability has been disclosed in the LiteSpeed Cache plugin for WordPress that could enable unauthenticated users to escalate their privileges....
An “intricately designed” remote access trojan (RAT) called Xeno RAT has been made available on GitHub, making it easily accessible to other...
Key Lesson from Microsoft’s Password Spray Hack: Secure Every Account
AWS Patches Critical ‘FlowFixation’ Bug in Airflow Service to Prevent Session Hijacking
China-Linked Group Breaches Networks via Connectwise, F5 Software Flaws
Massive Sign1 Campaign Infects 39,000+ WordPress Sites with Scam Redirects
Russian Hackers May Have Targeted Ukrainian Telecoms with Upgraded ‘AcidPour’ Malware
AndroxGh0st Malware Targets Laravel Apps to Steal Cloud Credentials
Making Sense of Operational Technology Attacks: The Past, Present, and Future
Ivanti Releases Urgent Fix for Critical Sentry RCE Vulnerability
Atlassian Releases Fixes for Over 2 Dozen Flaws, Including Critical Bamboo Bug
TeamCity Flaw Leads to Surge in Ransomware, Cryptomining, and RAT Attacks
Ukraine Arrests Trio for Hijacking Over 100 Million Email and Instagram Accounts
APIs Drive the Majority of Internet Traffic and Cybercriminals are Taking Advantage
From Deepfakes to Malware: AI’s Expanding Role in Cyber Attacks
Crafting and Communicating Your Cybersecurity Strategy for Board Buy-In
Suspected Russian Data-Wiping ‘AcidPour’ Malware Targeting Linux x86 Devices
New Phishing Attack Uses Clever Microsoft Office Trick to Deploy NetSupport RAT
New DEEP#GOSU Malware Campaign Targets Windows Users with Advanced Tactics
Fortra Patches Critical RCE Vulnerability in FileCatalyst Transfer Tool
Hackers Using Sneaky HTML Smuggling to Deliver Malware via Fake Google Sites
WordPress Admins Urged to Remove miniOrange Plugins Due to Critical Flaw