Microsoft on Friday revealed that the Kremlin-backed threat actor known as Midnight Blizzard (aka APT29 or Cozy Bear) managed to gain access...
In a significant development that could reshape the cybersecurity landscape of industrial control systems (ICS), a team of researchers from the Georgia...
Cisco has released patches to address a high-severity security flaw impacting its Secure Client software that could be exploited by a threat...
Threat actors have been observed leveraging the QEMU open-source hardware emulator as tunneling software during a cyber attack targeting an unnamed “large...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting JetBrains TeamCity On-Premises software to its...
Threat actors are conducting brute-force attacks against WordPress sites by leveraging malicious JavaScript injections, new findings from Sucuri reveal. The attacks, which...
The China-linked threat actor known as Evasive Panda orchestrated both watering hole and supply chain attacks targeting Tibetan users at least since...
In today’s rapidly evolving SaaS environment, the focus is on human users. This is one of the most compromised areas in SaaS...
The U.S. Department of Justice (DoJ) announced the indictment of a 38-year-old Chinese national and a California resident for allegedly stealing proprietary...
Facebook messages are being used by threat actors to distribute a Python-based information stealer dubbed Snake that’s designed to capture credentials and...
Threat actors have been leveraging fake websites advertising popular video conferencing software such as Google Meet, Skype, and Zoom to deliver a...
In the interconnected world of modern software development, Application Programming Interfaces (APIs) play a pivotal role in enabling systems to communicate and...
Threat actors are targeting misconfigured and vulnerable servers running Apache Hadoop YARN, Docker, Atlassian Confluence, and Redis services as part of an...
The threat actors behind the BlackCat ransomware have shut down their darknet website and likely pulled an exit scam after uploading a...
The U.S. Department of Treasury’s Office of Foreign Assets Control (OFAC) sanctioned two individuals and five entities associated with the Intellexa Alliance...
VMware has released patches to address four security flaws impacting ESXi, Workstation, and Fusion, including two critical flaws that could lead to...
The cybercrime group called GhostSec has been linked to a Golang variant of a ransomware family called GhostLocker. “TheGhostSec and Stormous ransomware...
A financial entity in Vietnam was the target of a previously undocumented threat actor called Lotus Bane as part of a cyber...
Apple has released security updates to address several security flaws, including two vulnerabilities that it said have been actively exploited in the...
North Korean threat actors have exploited the recently disclosed security flaws in ConnectWise ScreenConnect to deploy a new malware called TODDLERSHARK. According...
Russian APT Deploys New ‘Kapeka’ Backdoor in Eastern European Attacks
Critical Atlassian Flaw Exploited to Deploy Linux Variant of Cerber Ransomware
Hackers Exploit Fortinet Flaw, Deploy ScreenConnect, Metasploit in New Campaign
Compromising Cryptographic Key Security Through PuTTY: A Deep Dive into CVE-2024-31497
TA558 Hackers Weaponize Images for Wide-Scale Malware Attacks
AWS, Google, and Azure CLI Tools Could Leak Credentials in Build Logs
Widely-Used PuTTY SSH Client Found Vulnerable to Key Recovery Attack
Hive RAT Creators and $3.5M Cryptojacking Mastermind Arrested in Global Crackdown
Intel and Lenovo BMCs Contain Unpatched Lighttpd Server Flaw
AI Copilot: Launching Innovation Rockets, But Beware of the Darkness Ahead
Chinese-Linked LightSpy iOS Spyware Targets South Asian iPhone Users
Palo Alto Networks Releases Urgent Fixes for Exploited PAN-OS Vulnerability
U.S. Treasury Hamas Spokesperson for Cyber Influence Operations
Hackers Deploy Python Backdoor in Palo Alto Zero-Day Attack
Popular Rust Crate liblzma-sys Compromised with XZ Utils Backdoor Files
Iranian MuddyWater Hackers Adopt New C2 Tool ‘DarkBeatC2’ in Latest Campaign
Zero-Day Alert: Critical Palo Alto Networks PAN-OS Flaw Under Active Attack
Sneaky Credit Card Skimmer Disguised as Harmless Facebook Tracker
U.S. Federal Agencies Ordered to Hunt for Signs of Microsoft Breach and Mitigate Risks
TA547 Phishing Attack Hits German Firms with Rhadamanthys Stealer