A suspected Vietnamese-origin threat actor has been observed targeting victims in several Asian and Southeast Asian countries with malware designed to harvest...
An updated version of an information-stealing malware called Rhadamanthys is being used in phishing campaigns targeting the oil and gas sector. “The...
Operational Technology (OT) refers to the hardware and software used to change, monitor, or control the enterprise’s physical devices, processes, and events....
New research has found that the CONTINUATION frame in the HTTP/2 protocol can be exploited to conduct denial-of-service (DoS) attacks. The technique...
The U.S. Cyber Safety Review Board (CSRB) has criticized Microsoft for a series of security lapses that led to the breach of...
Google on Tuesday said it’s piloting a new feature in Chrome called Device Bound Session Credentials (DBSC) to help protect users against...
The banking trojan known as Mispadu has expanded its focus beyond Latin America (LATAM) and Spanish-speaking individuals to target users in Italy,...
A critical security flaw impacting the LayerSlider plugin for WordPress could be abused to extract sensitive information from databases, such as password...
In an unsettling development that emerged late last week, the open-source community was thrust into a state of high alert following the...
The malicious code inserted into the open-source library XZ Utils, a widely used package present in major Linux distributions, is also capable...
A threat activity cluster tracked as Earth Freybug has been observed using a new malware called UNAPIMON to fly under the radar....
The threat actor known as TA558 has been attributed to a new massive phishing campaign that targets a wide range of sectors...
Despite a plethora of available security solutions, more and more organizations fall victim to Ransomware and other threats. These continued threats aren’t...
Several malicious Android apps that turn mobile devices running the operating system into residential proxies (RESIPs) for other threat actors have been...
The Android banking trojan known as Vultur has resurfaced with a suite of new features and improved anti-analysis and detection evasion techniques,...
Malicious ads and bogus websites are acting as a conduit to deliver two different stealer malware, including Atomic Stealer, targeting Apple macOS...
Red Hat on Friday released an “urgent security alert” warning that two versions of a popular data compression library called XZ Utils...
A botnet previously considered to be rendered inert has been observed enslaving end-of-life (EoL) small home/small office (SOHO) routers and IoT devices...
Network penetration testing plays a vital role in detecting vulnerabilities that can be exploited. The current method of performing pen testing is...
Details have emerged about a vulnerability impacting the “wall” command of the util-linux package that could be potentially exploited by a bad...
Millions of Malicious ‘Imageless’ Containers Planted on Docker Hub Over 5 Years
New U.K. Law Bans Default Passwords on Smart Devices Starting April 2024
Google Prevented 2.28 Million Malicious Apps from Reaching Play Store in 2023
Sandbox Escape Vulnerabilities in Judge0 Expose Systems to Complete Takeover
Okta Warns of Unprecedented Surge in Proxy-Driven Credential Stuffing Attacks
Ukraine Targeted in Cyberattack Exploiting 7-Year-Old Microsoft Office Flaw
Bogus npm Packages Used to Trick Software Developers into Installing Malware
New ‘Brokewell’ Android Malware Spread Through Fake Browser Updates
Hackers Exploiting WP-Automatic Plugin Bug to Create Admin Accounts on WordPress Sites
North Korea’s Lazarus Group Deploys New Kaolin RAT via Fake Job Lures
Network Threats: A Step-by-Step Attack Demonstration
State-Sponsored Hackers Exploit Two Cisco Zero-Day Vulnerabilities for Espionage
U.S. Treasury Sanctions Iranian Firms and Individuals Tied to Cyber Attacks
Researchers Detail Multistage Attack Hijacking Systems with SSLoad, Cobalt Strike
eScan Antivirus Update Mechanism Exploited to Spread Backdoors and Miners
CoralRaider Malware Campaign Exploits CDN Cache to Spread Info-Stealers
Apache Cordova App Harness Targeted in Dependency Confusion Attack
Unmasking the True Cost of Cyberattacks: Beyond Ransom and Recovery
Russia’s APT28 Exploited Windows Print Spooler Flaw to Deploy ‘GooseEgg’ Malware
ToddyCat Hacker Group Uses Advanced Tools for Industrial-Scale Data Theft