The recent discovery of a significant flaw in the GNU C Library (glibc), a fundamental component of major Linux distributions, has raised...
The threat actor behind a peer-to-peer (P2P) botnet known as FritzFrog has made a return with a new variant that leverages the...
The U.S. government on Wednesday said it took steps to neutralize a botnet comprising hundreds of U.S.-based small office and home office...
Cybersecurity researchers have detailed an updated version of the malware HeadCrab that’s known to target Redis database servers across the world since...
Google-owned Mandiant said it identified new malware employed by a China-nexus espionage threat actor known as UNC5221 and other threat groups during...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a high-severity flaw impacting iOS, iPadOS, macOS, tvOS, and watchOS to...
Ivanti is alerting of two new high-severity flaws in its Connect Secure and Policy Secure products, one of which is said to...
Cybersecurity researchers are calling attention to the “democratization” of the phishing ecosystem owing to the emergence of Telegram as an epicenter for...
The SEC isn’t giving SaaS a free pass. Applicable public companies, known as “registrants,” are now subject to cyber incident disclosure and...
A pair of recently disclosed zero-day flaws in Ivanti Connect Secure (ICS) virtual private network (VPN) devices have been exploited to deliver...
A Brazilian law enforcement operation has led to the arrest of several Brazilian operators in charge of the Grandoreiro malware. The Federal...
GitLab once again released fixes to address a critical security flaw in its Community Edition (CE) and Enterprise Edition (EE) that could...
The China-based threat actor known as Mustang Panda is suspected to have targeted Myanmar’s Ministry of Defence and Foreign Affairs as part...
Each New Year introduces a new set of challenges and opportunities for strengthening our cybersecurity posture. It’s the nature of the field...
Threat hunters have identified a new campaign that delivers the ZLoader malware, resurfacing nearly two years after the botnet’s infrastructure was dismantled...
Juniper Networks has released out-of-band updates to address high-severity flaws in SRX Series and EX Series that could be exploited by a...
Recent news about a critical vulnerability in Jenkins, identified as CVE-2024-23897, has raised significant concerns in the cybersecurity community. This vulnerability has...
A now-patched security flaw in Microsoft Outlook could be exploited by threat actors to access NT LAN Manager (NTLM) v2 hashed passwords...
In nearly every segment of our lives, AI (artificial intelligence) now makes a significant impact: It can deliver better healthcare diagnoses and...
Cybersecurity researchers have detected in the wild yet another variant of the Phobos ransomware family known as Faust. Fortinet FortiGuard Labs, which...
Key Lesson from Microsoft’s Password Spray Hack: Secure Every Account
AWS Patches Critical ‘FlowFixation’ Bug in Airflow Service to Prevent Session Hijacking
China-Linked Group Breaches Networks via Connectwise, F5 Software Flaws
Massive Sign1 Campaign Infects 39,000+ WordPress Sites with Scam Redirects
Russian Hackers May Have Targeted Ukrainian Telecoms with Upgraded ‘AcidPour’ Malware
AndroxGh0st Malware Targets Laravel Apps to Steal Cloud Credentials
Making Sense of Operational Technology Attacks: The Past, Present, and Future
Ivanti Releases Urgent Fix for Critical Sentry RCE Vulnerability
Atlassian Releases Fixes for Over 2 Dozen Flaws, Including Critical Bamboo Bug
TeamCity Flaw Leads to Surge in Ransomware, Cryptomining, and RAT Attacks
Ukraine Arrests Trio for Hijacking Over 100 Million Email and Instagram Accounts
APIs Drive the Majority of Internet Traffic and Cybercriminals are Taking Advantage
From Deepfakes to Malware: AI’s Expanding Role in Cyber Attacks
Crafting and Communicating Your Cybersecurity Strategy for Board Buy-In
Suspected Russian Data-Wiping ‘AcidPour’ Malware Targeting Linux x86 Devices
New Phishing Attack Uses Clever Microsoft Office Trick to Deploy NetSupport RAT
New DEEP#GOSU Malware Campaign Targets Windows Users with Advanced Tactics
Fortra Patches Critical RCE Vulnerability in FileCatalyst Transfer Tool
Hackers Using Sneaky HTML Smuggling to Deliver Malware via Fake Google Sites
WordPress Admins Urged to Remove miniOrange Plugins Due to Critical Flaw