An ongoing campaign has been found to leverage a network of websites acting as a “dropper as a service” to deliver a...
A recent wave of spear-phishing campaigns leveraged weaponized Windows 11 Alpha-themed Word documents with Visual Basic macros to drop malicious payloads, including...
The operators of the Mozi IoT botnet have been taken into custody by Chinese law enforcement authorities, nearly two years after the...
Microsoft is warning of a widespread credential phishing campaign that leverages open redirector links in email communications as a vector to trick...
A financially motivated threat actor notorious for setting its sights on retail, hospitality, and entertainment industries has been observed deploying a completely...
ShinyHunters, a notorious cybercriminal underground group that’s been on a data breach spree since last year, has been observed searching companies’ GitHub...
ShadowPad, an infamous Windows backdoor that allows attackers to download further malicious modules or steal data, has been put to use by...
Cybersecurity researchers have disclosed details about an early development version of a nascent ransomware strain called Diavol that has been linked to...
Details have emerged about a new unpatched security vulnerability in Fortinet’s web application firewall (WAF) appliances that could be abused by a...
A new wave of attacks involving a notorious macOS adware family has evolved to leverage around 150 unique samples in the wild...
Microsoft has disclosed details of an evasive year-long social engineering campaign wherein the operators kept changing their obfuscation and encryption mechanisms every...
Global IT consultancy giant Accenture has become the latest company to be hit by the LockBit ransomware gang, according to a post...
Hackers have siphoned $611 million worth of cryptocurrencies from a blockchain-based financial network in what’s believed to be one of the largest...
Pulse Secure has shipped a fix for a critical post-authentication remote code execution (RCE) vulnerability in its Connect Secure virtual private network...
Amazon earlier this April addressed a critical vulnerability in its Kindle e-book reader platform that could have been exploited to take...
Three distinct clusters of malicious activities operating on behalf of Chinese state interests have staged a series of attacks to target networks...
Healthcare and education sectors are frequent targets of a new surge in credential harvesting activity from a “highly modular” .NET-based...
Cybersecurity researchers on Friday unmasked new command-and-control (C2) infrastructure belonging to the Russian threat actor tracked as APT29, aka Cozy Bear, that...
As many as eight Python packages that were downloaded more than 30,000 times have been removed from the PyPI portal for containing...
A cyber attack that derailed websites of Iran’s transport ministry and its national railway system earlier this month, causing widespread disruptions in...
An ongoing malicious campaign that employs phony call centers has been found to trick victims into downloading malware capable of data exfiltration...