VMware has released patches to address four security flaws impacting ESXi, Workstation, and Fusion, including two critical flaws that could lead to...
The cybercrime group called GhostSec has been linked to a Golang variant of a ransomware family called GhostLocker. “TheGhostSec and Stormous ransomware...
A financial entity in Vietnam was the target of a previously undocumented threat actor called Lotus Bane as part of a cyber...
Apple has released security updates to address several security flaws, including two vulnerabilities that it said have been actively exploited in the...
North Korean threat actors have exploited the recently disclosed security flaws in ConnectWise ScreenConnect to deploy a new malware called TODDLERSHARK. According...
A new DNS threat actor dubbed Savvy Seahorse is leveraging sophisticated techniques to entice targets into fake investment platforms and steal funds....
More than 225,000 logs containing compromised OpenAI ChatGPT credentials were made available for sale on underground markets between January and October 2023,...
The threat actor known as TA577 has been observed using ZIP archive attachments in phishing emails with an aim to steal NT...
A new pair of security vulnerabilities have been disclosed in JetBrains TeamCity On-Premises software that could be exploited by a threat actor...
In a recent unsettling development, American Express has confirmed that sensitive information related to its credit cards has been compromised due to...
Cybercriminals are using a network of hired money mules in India using an Android-based application to orchestrate a massive money laundering scheme....
A company’s lifecycle stage, size, and state have a significant impact on its security needs, policies, and priorities. This is particularly true...
As many as 100 malicious artificial intelligence (AI)/machine learning (ML) models have been discovered in the Hugging Face platform. These include instances...
U.S. cybersecurity and intelligence agencies have warned of Phobos ransomware attacks targeting government and critical infrastructure entities, outlining the various tactics and...
A U.S. judge has ordered NSO Group to hand over its source code for Pegasus and other remote access trojans to Meta...
Cybersecurity researchers have discovered a new Linux variant of a remote access trojan (RAT) called BIFROSE (aka Bifrost) that uses a deceptive...
The Five Eyes (FVEY) intelligence alliance has issued a new cybersecurity advisory warning of cyber threat actors exploiting known security flaws in...
GitHub on Thursday announced that it’s enabling secret scanning push protection by default for all pushes to public repositories. “This means that...
Threat hunters have discovered a new Linux malware called GTPDOOR that’s designed to be deployed in telecom networks that are adjacent to...
The notorious Lazarus Group actors exploited a recently patched privilege escalation flaw in the Windows Kernel as a zero-day to obtain kernel-level...
Critical Update: CrushFTP Zero-Day Flaw Exploited in Targeted Attacks
New Android Trojan ‘SoumniBot’ Evades Detection with Clever Tricks
Russian APT Deploys New ‘Kapeka’ Backdoor in Eastern European Attacks
Critical Atlassian Flaw Exploited to Deploy Linux Variant of Cerber Ransomware
Hackers Exploit Fortinet Flaw, Deploy ScreenConnect, Metasploit in New Campaign
Compromising Cryptographic Key Security Through PuTTY: A Deep Dive into CVE-2024-31497
TA558 Hackers Weaponize Images for Wide-Scale Malware Attacks
AWS, Google, and Azure CLI Tools Could Leak Credentials in Build Logs
Widely-Used PuTTY SSH Client Found Vulnerable to Key Recovery Attack
FTC Fines Mental Health Startup Cerebral $7 Million for Major Privacy Violations
Hive RAT Creators and $3.5M Cryptojacking Mastermind Arrested in Global Crackdown
Intel and Lenovo BMCs Contain Unpatched Lighttpd Server Flaw
AI Copilot: Launching Innovation Rockets, But Beware of the Darkness Ahead
Muddled Libra Shifts Focus to SaaS and Cloud for Extortion and Data Theft Attacks
Timing is Everything: The Role of Just-in-Time Privileged Access in Security Evolution
Chinese-Linked LightSpy iOS Spyware Targets South Asian iPhone Users
Palo Alto Networks Releases Urgent Fixes for Exploited PAN-OS Vulnerability
U.S. Treasury Hamas Spokesperson for Cyber Influence Operations
Hackers Deploy Python Backdoor in Palo Alto Zero-Day Attack
Popular Rust Crate liblzma-sys Compromised with XZ Utils Backdoor Files