Threat actors have been found exploiting a critical flaw in Magento to inject a persistent backdoor into e-commerce websites. The attack leverages...
Bogus installers for Adobe Acrobat Reader are being used to distribute a new multi-functional malware dubbed Byakugan. The starting point of the...
A suspected Vietnamese-origin threat actor has been observed targeting victims in several Asian and Southeast Asian countries with malware designed to harvest...
An updated version of an information-stealing malware called Rhadamanthys is being used in phishing campaigns targeting the oil and gas sector. “The...
Operational Technology (OT) refers to the hardware and software used to change, monitor, or control the enterprise’s physical devices, processes, and events....
New research has found that the CONTINUATION frame in the HTTP/2 protocol can be exploited to conduct denial-of-service (DoS) attacks. The technique...
The U.S. Cyber Safety Review Board (CSRB) has criticized Microsoft for a series of security lapses that led to the breach of...
Google on Tuesday said it’s piloting a new feature in Chrome called Device Bound Session Credentials (DBSC) to help protect users against...
The banking trojan known as Mispadu has expanded its focus beyond Latin America (LATAM) and Spanish-speaking individuals to target users in Italy,...
A critical security flaw impacting the LayerSlider plugin for WordPress could be abused to extract sensitive information from databases, such as password...
In an unsettling development that emerged late last week, the open-source community was thrust into a state of high alert following the...
The malicious code inserted into the open-source library XZ Utils, a widely used package present in major Linux distributions, is also capable...
A threat activity cluster tracked as Earth Freybug has been observed using a new malware called UNAPIMON to fly under the radar....
The threat actor known as TA558 has been attributed to a new massive phishing campaign that targets a wide range of sectors...
Despite a plethora of available security solutions, more and more organizations fall victim to Ransomware and other threats. These continued threats aren’t...
Several malicious Android apps that turn mobile devices running the operating system into residential proxies (RESIPs) for other threat actors have been...
The Android banking trojan known as Vultur has resurfaced with a suite of new features and improved anti-analysis and detection evasion techniques,...
Malicious ads and bogus websites are acting as a conduit to deliver two different stealer malware, including Atomic Stealer, targeting Apple macOS...
Red Hat on Friday released an “urgent security alert” warning that two versions of a popular data compression library called XZ Utils...
A botnet previously considered to be rendered inert has been observed enslaving end-of-life (EoL) small home/small office (SOHO) routers and IoT devices...
Kremlin-Backed APT28 Targets Polish Institutions in Large-Scale Malware Campaign
Russian Hacker Dmitry Khoroshev Unmasked as LockBit Ransomware Administrator
APT42 Hackers Pose as Journalists to Harvest Credentials and Access Cloud Data
China-Linked Hackers Used ROOTROT Webshell in MITRE Network Intrusion
New Case Study: The Malicious Comment
China-Linked Hackers Suspected in ArcaneDoor Cyberattacks Targeting Network Devices
New ‘Cuckoo’ Persistent macOS Spyware Targeting Intel and Arm Macs
Microsoft Outlook Flaw Exploited by Russia’s APT28 to Hack Czech, German Entities
Hackers Increasingly Abusing Microsoft Graph API for Stealthy Malware Communications
NSA, FBI Alert on N. Korean Hackers Spoofing Emails from Trusted Sources
Four Critical Vulnerabilities Expose HPE Aruba Devices to RCE Attacks
Popular Android Apps Like Xiaomi, WPS Office Vulnerable to File Overwrite Flaw
When is One Vulnerability Scanner Not Enough?
Dropbox Discloses Breach of Digital Signature Service Affecting All Users
New “Goldoon” Botnet Targets D-Link Routers With Decade-Old Flaw
CISA Warns of Active Exploitation of Severe GitLab Password Reset Vulnerability
New Cuttlefish Malware Hijacks Router Connections, Sniffs for Cloud Credentials
Android Malware Wpeeper Uses Compromised WordPress Sites to Hide C2 Servers
How to Make Your Employees Your First Line of Cyber Defense
ZLoader Malware Evolves with Anti-Analysis Trick from Zeus Banking Trojan