The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday disclosed details of a “novel persistent backdoor” called SUBMARINE deployed by threat...
Ivanti has disclosed yet another security flaw impacting Endpoint Manager Mobile (EPMM), formerly known as MobileIron Core, that it said has been...
This “pure Java” HTTP web server environment is provided by Apache Tomcat, which is a server that is both open-source and free...
As part of Checkmarx’s mission to help organizations develop and deploy secure software, the Security Research team started looking at the security...
Based on recent reports, it was discovered that there has been info stealer malware that affects both Windows and macOS platforms. The...
The U.S. Securities and Exchange Commission (SEC) on Wednesday approved new rules that require publicly traded companies to publicize details of a...
As the number of people using macOS keeps going up, so does the desire of hackers to take advantage of flaws in...
Zero-day vulnerabilities in Windows Installers for the Atera remote monitoring and management software could act as a springboard to launch privilege escalation...
The recent attack against Microsoft’s email infrastructure by a Chinese nation-state actor referred to as Storm-0558 is said to have a broader...
Several distributed denial-of-service (DDoS) botnets have been observed exploiting a critical flaw in Zyxel devices that came to light in April 2023...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an advisory on Thursday warning that the newly disclosed critical security flaw in...
Two more security flaws have been disclosed in AMI MegaRAC Baseboard Management Controller (BMC) software that, if successfully exploited, could allow threat...
Syssphinx (aka FIN8) is a financially motivated cyber-crime group deploying revamped sardonic backdoor to deliver Noberus ransomware. This group has been active since...
Government entities, military organizations, and civilian users in Ukraine and Poland have been targeted as part of a series of campaigns designed...
During the initial half of 2023, a notable surge occurred in attacks exploiting infected USB drives for secret theft. While the USB-based...
Microsoft on Tuesday revealed that it repelled a cyber attack staged by a Chinese nation-state actor targeting two dozen organizations, some of...
A new fileless attack dubbed PyLoose has been observed striking cloud workloads with the goal of delivering a cryptocurrency miner, new findings...
Microsoft on Tuesday released updates to address a total of 132 new security flaws spanning its software, including six zero-day flaws that...
Rekoobe is a notorious backdoor that primarily targets Linux environments, and it’s actively exploited by the threat actors, mainly a Chinese threat...
The cybersecurity researcher working for ThreatFabric made the discovery, and the company issued a warning, about a new and more sophisticated kind...
Malicious actors exploited an unknown flaw in Revolut’s payment systems to steal more than $20 million of the company’s funds in early...