A DarkGate malware campaign observed in mid-January 2024 leveraged a recently patched security flaw in Microsoft Windows as a zero-day using bogus...
GitHub on Thursday announced that it’s enabling secret scanning push protection by default for all pushes to public repositories. “This means that...
Microsoft on Wednesday acknowledged that a newly disclosed critical security flaw in Exchange Server has been actively exploited in the wild, a...
Microsoft has released patches to address 73 security flaws spanning its software lineup as part of its Patch Tuesday updates for February...
Three new security vulnerabilities have been discovered in Azure HDInsight’s Apache Hadoop, Kafka, and Spark services that could be exploited to achieve...
A now-patched security flaw in Microsoft Outlook could be exploited by threat actors to access NT LAN Manager (NTLM) v2 hashed passwords...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security vulnerability impacting Microsoft SharePoint Server to its Known Exploited...
Microsoft has addressed a total of 48 security flaws spanning its software as part of its Patch Tuesday updates for January 2024....
Security researchers have detailed a new variant of a dynamic link library (DLL) search order hijacking technique that could be used by...
Microsoft on Thursday said it’s once again disabling the ms-appinstaller protocol handler by default following its abuse by multiple threat actors to...
A new wave of phishing messages distributing the QakBot malware has been observed, more than three months after a law enforcement effort...
Multiple security vulnerabilities have been discovered in the open-source Netgate pfSense firewall solution called pfSense that could be chained by an attacker...
Threat actors affiliated with the Russian Foreign Intelligence Service (SVR) have targeted unpatched JetBrains TeamCity servers in widespread attacks since September 2023....
Microsoft on Monday said it detected Kremlin-backed nation-state activity exploiting a now-patched critical security flaw in its Outlook email service to gain...
Cybersecurity researchers have discovered a case of “forced authentication” that could be exploited to leak a Windows user’s NT LAN Manager (NTLM)...
North Korean threat actors are actively exploiting a critical security flaw in JetBrains TeamCity to opportunistically breach vulnerable servers, according to Microsoft....
The advanced persistent threat (APT) actor known as ToddyCat has been linked to a new set of malicious tools that are designed...
Microsoft on Wednesday said that a user containment feature in Microsoft Defender for Endpoint helped thwart a “large-scale remote encryption attempt” made...
Microsoft has released its Patch Tuesday updates for October 2023, addressing a total of 103 flaws in its software, two of which...
Microsoft has linked the exploitation of a recently disclosed critical flaw in Atlassian Confluence Data Center and Server to a nation-state actor...
A Gaza-based threat actor has been linked to a series of cyber attacks aimed at Israeli private-sector energy, defense, and telecommunications organizations....