Cybersecurity researchers have taken the wraps off a new and entirely undetected Linux threat dubbed OrBit, signally a growing trend of malware...
A malware-as-a-service (Maas) dubbed Matanbuchus has been observed spreading through phishing campaigns, ultimately dropping the Cobalt Strike post-exploitation framework on compromised machines....
An enterprise-grade surveillanceware dubbed Hermit has been put to use by entities operating from within Kazakhstan, Syria, and Italy over the years...
Cybersecurity researchers have detailed the workings of a fully-featured malware loader dubbed PureCrypter that’s being purchased by cyber criminals to deliver remote...
A novel hardware attack dubbed PACMAN has been demonstrated against Apple’s M1 processor chipsets, potentially arming a malicious actor with the capability...
An unofficial security patch has been made available for a new Windows zero-day vulnerability in the Microsoft Support Diagnostic Tool (MSDT), even...
A new wave of phishing campaigns has been observed spreading a previously documented malware called SVCReady. “The malware is notable for the...
The Parrot traffic direction system (TDS) that came to light earlier this year has had a larger impact than previously thought, according...
As ransomware infections have evolved from purely encrypting data to schemes such as double and triple extortion, a new attack vector is...
Cybersecurity researchers are calling attention to a zero-day flaw in Microsoft Office that could be abused to achieve arbitrary code execution on...
An unknown advanced persistent threat (APT) group has been linked to a series of spear-phishing attacks targeting Russian government entities since the...
The inner workings of a cybercriminal group known as the Wizard Spider have been exposed, shedding light on its organizational structure and...
In early 2022, Microsoft addressed CVE-2022-22005, a remote code execution (RCE) vulnerability that used website creation features in SharePoint, releasing a security...
A first-of-its-kind security analysis of iOS Find My function has identified a novel attack surface that makes it possible to tamper with...
An unidentified threat actor has been linked to an actively in-development malware toolkit called the “Eternity Project” that lets professional and amateur...
A previously undocumented remote access trojan (RAT) written in the Go programming language has been spotted disproportionately targeting entities in Italy, Spain,...
Days after F5 released patches for a critical remote code execution vulnerability affecting its BIG-IP family of products, security researchers are warning...
Cybersecurity researchers have discovered a new Windows malware with worm-like capabilities and is propagated by means of removable USB devices. Attributing the...
A researcher has detected a critical vulnerability in some of the most common malware and ransomware variants today and whose exploitation would...
Security researchers have disclosed a security issue that could have allowed attackers to weaponize the VirusTotal platform as a conduit to achieve...
A proof-of-concept (PoC) code demonstrating a newly disclosed digital signature bypass vulnerability in Java has been shared online. The high-severity flaw in...