An advanced persistent threat (APT) actor codenamed ToddyCat has been linked to a string of attacks aimed at high-profile entities in Europe...
A 36-year-old former Amazon employee was convicted of wire fraud and computer intrusions in the U.S. for her role in the theft...
An enterprise-grade surveillanceware dubbed Hermit has been put to use by entities operating from within Kazakhstan, Syria, and Italy over the years...
A sophisticated Chinese advanced persistent threat (APT) actor exploited a critical security vulnerability in Sophos’ firewall product that came to light earlier...
Microsoft is warning that the BlackCat ransomware crew is leveraging exploits for unpatched Exchange server vulnerabilities to gain access to targeted networks....
A “dangerous piece of functionality” has been discovered in Microsoft 365 suite that could be potentially abused by a malicious actor to...
A new covert Linux kernel rootkit named Syslogk has been spotted under development in the wild and cloaking a malicious payload that...
Cybersecurity researchers have detailed the workings of a fully-featured malware loader dubbed PureCrypter that’s being purchased by cyber criminals to deliver remote...
Windows and Linux systems are being targeted by a ransomware variant called HelloXD, with the infections also involving the deployment of a...
The Iranian state-sponsored threat actor tracked under the moniker Lyceum has turned to using a new custom .NET-based backdoor in recent campaigns...
A novel hardware attack dubbed PACMAN has been demonstrated against Apple’s M1 processor chipsets, potentially arming a malicious actor with the capability...
Cybersecurity researchers have taken the wraps off what they call a “nearly-impossible-to-detect” Linux malware that could be weaponized to backdoor infected systems....
U.S. cybersecurity and intelligence agencies have warned about China-based state-sponsored cyber actors leveraging network vulnerabilities to exploit public and private sector organizations...
An illicit online marketplace known as SSNDOB was taken down in operation led by U.S. law enforcement agencies, the Department of Justice...
The threat cluster dubbed UNC2165, which shares numerous overlaps with a Russia-based cybercrime group known as Evil Corp, has been linked to...
Enforcing the “double-extortion” technique aka pay-now-or-get-breached emerged as a head-turner last year. May 6th, 2022 is a recent example. The State Department...
A new wave of phishing campaigns has been observed spreading a previously documented malware called SVCReady. “The malware is notable for the...
Atlassian on Friday rolled out fixes to address a critical security flaw affecting its Confluence Server and Data Center products that have...
GitLab has moved to address a critical security flaw in its service that, if successfully exploited, could result in an account takeover....
The Parrot traffic direction system (TDS) that came to light earlier this year has had a larger impact than previously thought, according...
An analysis of leaked chats from the notorious Conti ransomware group earlier this year has revealed that the syndicate has been working...