Technical specifics and a proof-of-concept (PoC) exploit have been made available for a recently disclosed critical security flaw in Progress Software OpenEdge...
A financially motivated threat actor called Magnet Goblin is swiftly adopting one-day security vulnerabilities into its arsenal in order to opportunistically breach...
Microsoft on Friday revealed that the Kremlin-backed threat actor known as Midnight Blizzard (aka APT29 or Cozy Bear) managed to gain access...
In a significant development that could reshape the cybersecurity landscape of industrial control systems (ICS), a team of researchers from the Georgia...
Cisco has released patches to address a high-severity security flaw impacting its Secure Client software that could be exploited by a threat...
Threat actors have been observed leveraging the QEMU open-source hardware emulator as tunneling software during a cyber attack targeting an unnamed “large...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting JetBrains TeamCity On-Premises software to its...
Threat actors are conducting brute-force attacks against WordPress sites by leveraging malicious JavaScript injections, new findings from Sucuri reveal. The attacks, which...
The China-linked threat actor known as Evasive Panda orchestrated both watering hole and supply chain attacks targeting Tibetan users at least since...
In today’s rapidly evolving SaaS environment, the focus is on human users. This is one of the most compromised areas in SaaS...
The U.S. Department of Justice (DoJ) announced the indictment of a 38-year-old Chinese national and a California resident for allegedly stealing proprietary...
Facebook messages are being used by threat actors to distribute a Python-based information stealer dubbed Snake that’s designed to capture credentials and...
Threat actors have been leveraging fake websites advertising popular video conferencing software such as Google Meet, Skype, and Zoom to deliver a...
In the interconnected world of modern software development, Application Programming Interfaces (APIs) play a pivotal role in enabling systems to communicate and...
Threat actors are targeting misconfigured and vulnerable servers running Apache Hadoop YARN, Docker, Atlassian Confluence, and Redis services as part of an...
The threat actors behind the BlackCat ransomware have shut down their darknet website and likely pulled an exit scam after uploading a...
The U.S. Department of Treasury’s Office of Foreign Assets Control (OFAC) sanctioned two individuals and five entities associated with the Intellexa Alliance...
VMware has released patches to address four security flaws impacting ESXi, Workstation, and Fusion, including two critical flaws that could lead to...
The cybercrime group called GhostSec has been linked to a Golang variant of a ransomware family called GhostLocker. “TheGhostSec and Stormous ransomware...
A financial entity in Vietnam was the target of a previously undocumented threat actor called Lotus Bane as part of a cyber...
U.S. Treasury Sanctions Iranian Firms and Individuals Tied to Cyber Attacks
Researchers Detail Multistage Attack Hijacking Systems with SSLoad, Cobalt Strike
eScan Antivirus Update Mechanism Exploited to Spread Backdoors and Miners
CoralRaider Malware Campaign Exploits CDN Cache to Spread Info-Stealers
Apache Cordova App Harness Targeted in Dependency Confusion Attack
Russia’s APT28 Exploited Windows Print Spooler Flaw to Deploy ‘GooseEgg’ Malware
Ransomware Double-Dip: Re-Victimization in Cyber Extortion
Researchers Uncover Windows Flaws Granting Hackers Rootkit-Like Powers
Microsoft Warns: North Korean Hackers Turn to AI-Fueled Cyber Espionage
New RedLine Stealer Variant Disguised as Game Cheats Using Lua Bytecode for Stealth
Palo Alto Networks Discloses More Details on Critical PAN-OS Flaw Under Attack
Critical Update: CrushFTP Zero-Day Flaw Exploited in Targeted Attacks
BlackTech Targets Tech, Research, and Gov Sectors New ‘Deuterbear’ Tool
Hackers Target Middle East Governments with Evasive “CR4T” Backdoor
OfflRouter Malware Evades Detection in Ukraine for Almost a Decade
FIN7 Cybercrime Group Targeting U.S. Auto Industry with Carbanak Backdoor
New Android Trojan ‘SoumniBot’ Evades Detection with Clever Tricks
Malicious Google Ads Pushing Fake IP Scanner Software with Hidden Backdoor
Russian APT Deploys New ‘Kapeka’ Backdoor in Eastern European Attacks
GenAI: A New Headache for SaaS Security Teams