Fortra has released details of a now-patched critical security flaw impacting its FileCatalyst file transfer solution that could allow unauthenticated attackers to...
Cybersecurity researchers have discovered a new malware campaign that leverages bogus Google Sites pages and HTML smuggling to distribute a commercial malware...
WordPress users of miniOrange’s Malware Scanner and Web Application Firewall plugins are being urged to delete them from their websites following the...
The Russia-linked threat actor known as APT28 has been linked to multiple ongoing phishing campaigns that employ lure documents imitating government and...
Cybersecurity researchers have found a number of GitHub repositories offering cracked software that are used to deliver an information stealer called RisePro....
Google on Thursday announced an enhanced version of Safe Browsing to provide real-time, privacy-preserving URL protection and safeguard users from visiting potentially...
Chinese users looking for legitimate software such as Notepad++ and VNote on search engines like Baidu are being targeted with malicious ads...
In recent developments, cybersecurity experts have raised alarms over a high-severity vulnerability identified in Kubernetes, marked as CVE-2023-5528. This critical flaw has...
A 34-year-old Russian-Canadian national has been sentenced to nearly four years in jail in Canada for his participation in the LockBit global...
Details have been made public about a now-patched high-severity flaw in Kubernetes that could allow a malicious attacker to achieve remote code...
The threat actor known as Blind Eagle has been observed using a loader malware called Ande Loader to deliver remote access trojans...
A DarkGate malware campaign observed in mid-January 2024 leveraged a recently patched security flaw in Microsoft Windows as a zero-day using bogus...
Fortinet has warned of a critical security flaw impacting its FortiClientEMS software that could allow attackers to achieve code execution on affected...
The threat actors behind the PixPirate Android banking trojan are leveraging a new trick to evade detection on compromised devices and harvest...
A new phishing campaign has been observed delivering remote access trojans (RAT) such as VCURMS and STRRAT by means of a malicious...
A new malware campaign is leveraging a high-severity security flaw in the Popup Builder plugin for WordPress to inject malicious JavaScript code....
In a significant cybersecurity incident, Russian state-backed hackers gained access to some of Microsoft’s core software systems. This breach, first disclosed in...
The threat actors behind the BianLian ransomware have been observed exploiting security flaws in JetBrains TeamCity software to conduct their extortion-only attacks....
Technical specifics and a proof-of-concept (PoC) exploit have been made available for a recently disclosed critical security flaw in Progress Software OpenEdge...
A financially motivated threat actor called Magnet Goblin is swiftly adopting one-day security vulnerabilities into its arsenal in order to opportunistically breach...
Kremlin-Backed APT28 Targets Polish Institutions in Large-Scale Malware Campaign
Russian Hacker Dmitry Khoroshev Unmasked as LockBit Ransomware Administrator
APT42 Hackers Pose as Journalists to Harvest Credentials and Access Cloud Data
China-Linked Hackers Used ROOTROT Webshell in MITRE Network Intrusion
New Case Study: The Malicious Comment
China-Linked Hackers Suspected in ArcaneDoor Cyberattacks Targeting Network Devices
New ‘Cuckoo’ Persistent macOS Spyware Targeting Intel and Arm Macs
Microsoft Outlook Flaw Exploited by Russia’s APT28 to Hack Czech, German Entities
Hackers Increasingly Abusing Microsoft Graph API for Stealthy Malware Communications
NSA, FBI Alert on N. Korean Hackers Spoofing Emails from Trusted Sources
Four Critical Vulnerabilities Expose HPE Aruba Devices to RCE Attacks
Popular Android Apps Like Xiaomi, WPS Office Vulnerable to File Overwrite Flaw
When is One Vulnerability Scanner Not Enough?
Dropbox Discloses Breach of Digital Signature Service Affecting All Users
New “Goldoon” Botnet Targets D-Link Routers With Decade-Old Flaw
CISA Warns of Active Exploitation of Severe GitLab Password Reset Vulnerability
New Cuttlefish Malware Hijacks Router Connections, Sniffs for Cloud Credentials
Android Malware Wpeeper Uses Compromised WordPress Sites to Hide C2 Servers
How to Make Your Employees Your First Line of Cyber Defense
ZLoader Malware Evolves with Anti-Analysis Trick from Zeus Banking Trojan