Taiwan NSB Alerts Public on Data Risks from TikTok, Weibo, and RedNote Over China Ties
Taiwan’s National Security Bureau (NSB) has warned that China-developed applications like RedNote (aka Xiaohongshu), Weibo, TikTok, WeChat, and Baidu Cloud pose security …
Threat actors are weaponizing exposed Java Debug Wire Protocol (JDWP) interfaces to obtain code execution capabilities and deploy cryptocurrency miners on compromised …
NightEagle APT Exploits Microsoft Exchange Flaw to Target China's Military and Tech Sectors
Cybersecurity researchers have shed light on a previously undocumented threat actor called NightEagle (aka APT-Q-95) that has been observed targeting Microsoft Exchange …
Generative AI is changing how businesses work, learn, and innovate. But beneath the surface, something dangerous is happening. AI agents and custom …
Critical Sudo Vulnerabilities Let Local Users Gain Root Access on Linux, Impacting Major Distros
Cybersecurity researchers have disclosed two security flaws in the Sudo command-line utility for Linux and Unix-like operating systems that could enable local …
Google Ordered to Pay $314M for Misusing Android Users' Cellular Data Without Permission
Google has been ordered by a court in the U.S. state of California to pay $314 million over charges that it misused …
Massive Android Fraud Operations Uncovered: IconAds, Kaleidoscope, SMS Malware, NFC Scams
A mobile ad fraud operation dubbed IconAds that consisted of 352 Android apps has been disrupted, according to a new report from …
Over 40 Malicious Firefox Extensions Target Cryptocurrency Wallets, Stealing User Assets
Cybersecurity researchers have uncovered over 40 malicious browser extensions for Mozilla Firefox that are designed to steal cryptocurrency wallet secrets, putting users’ …
If you’re evaluating AI-powered SOC platforms, you’ve likely seen bold claims: faster triage, smarter remediation, and less noise. But under the hood, …
Chinese Hackers Exploit Ivanti CSA Zero-Days in Attacks on French Government, Telecoms
The French cybersecurity agency on Tuesday revealed that a number of entities spanning governmental, telecommunications, media, finance, and transport sectors in the …
Cisco has released security updates to address a maximum-severity security flaw in Unified Communications Manager (Unified CM) and Unified Communications Manager Session …
North Korean Hackers Target Web3 with Nim Malware and Use ClickFix in BabyShark Campaign
Threat actors with ties to North Korea have been observed targeting Web3 and cryptocurrency-related businesses with malware written in the Nim programming …
With nearly 80% of cyber threats now mimicking legitimate user behavior, how are top SOCs determining what’s legitimate traffic and what is …
Hackers Using PDFs to Impersonate Microsoft, DocuSign, and More in Callback Phishing Campaigns
Cybersecurity researchers are calling attention to phishing campaigns that impersonate popular brands and trick targets into calling phone numbers operated by threat …
U.S. Sanctions Russian Bulletproof Hosting Provider for Supporting Cybercriminals Behind Ransomware
The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has levied sanctions against Russia-based bulletproof hosting (BPH) service provider …
Vercel's v0 AI Tool Weaponized by Cybercriminals to Rapidly Create Fake Login Pages at Scale
Unknown threat actors have been observed weaponizing v0, a generative artificial intelligence (AI) tool from Vercel, to design fake sign-in pages that …
Critical Vulnerability in Anthropic's MCP Exposes Developer Machines to Remote Exploits
Cybersecurity researchers have discovered a critical security vulnerability in artificial intelligence (AI) company Anthropic’s Model Context Protocol (MCP) Inspector project that could …
Cybersecurity researchers have flagged the tactical similarities between the threat actors behind the RomCom RAT and a cluster that has been observed …
New Flaw in IDEs Like Visual Studio Code Lets Malicious Extensions Bypass Verified Status
A new study of integrated development environments (IDEs) like Microsoft Visual Studio Code, Visual Studio, IntelliJ IDEA, and Cursor has revealed weaknesses …
Despite years of investment in Zero Trust, SSE, and endpoint protection, many enterprises are still leaving one critical layer exposed: the browser. …
Google has released security updates to address a vulnerability in its Chrome browser for which an exploit exists in the wild. The …
U.S. Arrests Facilitator in North Korean IT Worker Scheme; Seizes 29 Domains and Raids 21 Laptop Farms
The U.S. Department of Justice (DoJ) on Monday announced sweeping actions targeting the North Korean information technology (IT) worker scheme, leading to …
Microsoft has said that it’s ending support for passwords in its Authenticator app starting August 1, 2025. Microsoft’s move is part of …
U.S. Agencies Warn of Rising Iranian Cyber Attacks on Defense, OT Networks, and Critical Infrastructure
U.S. cybersecurity and intelligence agencies have issued a joint advisory warning of potential cyber attacks from Iranian state-sponsored or affiliated threat actors. …
Europol on Monday announced the takedown of a cryptocurrency investment fraud ring that laundered €460 million ($540 million) from more than 5,000 …
The threat actor known as Blind Eagle has been attributed with high confidence to the use of the Russian bulletproof hosting service …
Leveraging Credentials As Unique Identifiers: A Pragmatic Approach To NHI Inventories
Identity-based attacks are on the rise. Attacks in which malicious actors assume the identity of an entity to easily gain access to …
⚡ Weekly Recap: Airline Hacks, Citrix 0-Day, Outlook Malware, Banking Trojans and more
Ever wonder what happens when attackers don’t break the rules—they just follow them better than we do? When systems work exactly as …
FBI Warns of Scattered Spider's Expanding Attacks on Airlines Using Social Engineering
The U.S. Federal Bureau of Investigation (FBI) has revealed that it has observed the notorious cybercrime group Scattered Spider broadening its targeting …
The threat actor behind the GIFTEDCROOK malware has made significant updates to turn the malicious program from a basic browser data stealer …
Facebook’s New AI Tool Asks to Upload Your Photos for Story Ideas, Sparking Privacy Concerns
Facebook, the social network platform owned by Meta, is asking for users to upload pictures from their phones to suggest collages, recaps, …
Threat hunters have discovered a network of more than 1,000 compromised small office and home office (SOHO) devices that have been used …
A China-linked threat actor known as Mustang Panda has been attributed to a new cyber espionage campaign directed against the Tibetan community. …
Business Case for Agentic AI SOC Analysts
Security operations centers (SOCs) are under pressure from both sides: threats are growing more complex and frequent, while security budgets are no …
Chinese Group Silver Fox Uses Fake Websites to Deliver Sainbox RAT and Hidden Rootkit
A new campaign has been observed leveraging fake websites advertising popular software such as WPS Office, Sogou, and DeepSeek to deliver Sainbox …
MOVEit Transfer Faces Increased Threats as Scanning Surges and CVE Flaws Are Targeted
Threat intelligence firm GreyNoise is warning of a “notable surge” in scanning activity targeting Progress MOVEit Transfer systems starting May 27, 2025—suggesting …
OneClik Red Team Campaign Targets Energy Sector Using Microsoft ClickOnce and Golang Backdoors
Cybersecurity researchers have detailed a new campaign dubbed OneClik that leverages Microsoft’s ClickOnce software deployment technology and bespoke Golang backdoors to compromise …
OneClik Malware Targets Energy Sector Using Microsoft ClickOnce and Golang Backdoors
Cybersecurity researchers have detailed a new campaign dubbed OneClik that leverages Microsoft’s ClickOnce software deployment technology and bespoke Golang backdoors to compromise …
Critical Open VSX Registry Flaw Exposes Millions of Developers to Supply Chain Attacks
Cybersecurity researchers have disclosed a critical vulnerability in the Open VSX Registry (“open-vsx[.]org”) that, if successfully exploited, could have enabled attackers to …
Critical RCE Flaws in Cisco ISE and ISE-PIC Allow Unauthenticated Attackers to Gain Root Access
Cisco has released updates to address two maximum-severity security flaws in Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) that …
The ClickFix social engineering tactic as an initial access vector using fake CAPTCHA verifications increased by 517% between the second half of …
The Hidden Risks of SaaS: Why Built-In Protections Aren't Enough for Modern Data Resilience
SaaS Adoption is Skyrocketing, Resilience Hasn’t Kept Pace. SaaS platforms have revolutionized how businesses operate. They simplify collaboration, accelerate deployment, and reduce …
Iranian APT35 Hackers Targeting Israeli Tech Experts with AI-Powered Phishing Attacks
An Iranian state-sponsored hacking group associated with the Islamic Revolutionary Guard Corps (IRGC) has been linked to a spear-phishing campaign targeting journalists, …
Cyber Criminals Exploit Open-Source Tools to Compromise Financial Institutions Across Africa
Cybersecurity researchers are calling attention to a series of cyber attacks targeting financial organizations across Africa since at least July 2023 using …
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added three security flaws, each impacting AMI MegaRAC, D-Link DIR-859 router, and …
Popular messaging platform WhatsApp has added a new artificial intelligence (AI)-powered feature that leverages its in-house solution Meta AI to summarize unread …
nOAuth Vulnerability Still Affects 9% of Microsoft Entra SaaS Apps Two Years After Discovery
New research has uncovered continued risk from a known security weakness in Microsoft’s Entra ID, potentially enabling malicious actors to achieve account …
Citrix Releases Emergency Patches for Actively Exploited CVE-2025-6543 in NetScaler ADC
Citrix has released security updates to address a critical flaw affecting NetScaler ADC that it said has been exploited in the wild. …
Cybersecurity researchers have detailed two now-patched security flaws in SAP Graphical User Interface (GUI) for Windows and Java that, if successfully exploited, …
Thousands of personal records allegedly linked to athletes and visitors of the Saudi Games have been published online by a pro-Iranian hacktivist …
Beware the Hidden Risk in Your Entra Environment
If you invite guest users into your Entra ID tenant, you may be opening yourself up to a surprising risk. A gap …
Unknown threat actors have been distributing a trojanized version of SonicWall’s SSL VPN NetExtender application to steal credentials from unsuspecting users who …
North Korea-linked Supply Chain Attack Targets Developers with 35 Malicious npm Packages
Cybersecurity researchers have uncovered a fresh batch of malicious npm packages linked to the ongoing Contagious Interview operation originating from North Korea. …
Microsoft Extends Windows 10 Security Updates for One Year with New Enrollment Options
Microsoft on Tuesday announced that it’s extending Windows 10 Extended Security Updates (ESU) for an extra year by letting users either pay …
New U.S. Visa Rule Requires Applicants to Set Social Media Account Privacy to Public
The United States Embassy in India has announced that applicants for F, M, and J nonimmigrant visas should make their social media …
Researchers Find Way to Shut Down Cryptominer Campaigns Using Bad Shares and XMRogue
Cybersecurity researchers have detailed two novel methods that can be used to disrupt cryptocurrency mining botnets. The methods take advantage of the …
Hackers Target Over 70 Microsoft Exchange Servers to Steal Credentials via Keyloggers
Unidentified threat actors have been observed targeting publicly exposed Microsoft Exchange servers to inject malicious code into the login pages that harvest …
Between Buzz and Reality: The CTEM Conversation We All Need
I had the honor of hosting the first episode of the Xposure Podcast live from Xposure Summit 2025. And I couldn’t have …
Misconfigured Docker instances are the target of a campaign that employs the Tor anonymity network to stealthily mine cryptocurrency in susceptible environments. …
U.S. House Bans WhatsApp on Official Devices Over Security and Data Protection Issues
The U.S. House of Representatives has formally banned congressional staff members from using WhatsApp on government-issued devices, citing security concerns. The development …
The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new cyber attack campaign by the Russia-linked APT28 (aka UAC-0001) …
China-linked Salt Typhoon Exploits Critical Cisco Vulnerability to Target Canadian Telecom
The Canadian Centre for Cyber Security and the U.S. Federal Bureau of Investigation (FBI) have issued an advisory warning of cyber attacks …
Echo Chamber Jailbreak Tricks LLMs Like OpenAI and Google into Generating Harmful Content
Cybersecurity researchers are calling attention to a new jailbreaking method called Echo Chamber that could be leveraged to trick popular large language …
DHS Warns Pro-Iranian Hackers Likely to Target U.S. Networks After Iranian Nuclear Strikes
The United States government has warned of cyber attacks mounted by pro-Iranian groups after it launched airstrikes on Iranian nuclear sites as …
Cybersecurity researchers have uncovered a Go-based malware called XDigo that has been used in attacks targeting Eastern European governmental entities in March …
How AI-Enabled Workflow Automation Can Help SOCs Reduce Burnout
It sure is a hard time to be a SOC analyst. Every day, they are expected to solve high-consequence problems with half …
Google has revealed the various safety measures that are being incorporated into its generative artificial intelligence (AI) systems to mitigate emerging attack …
⚡ Weekly Recap: Chrome 0-Day, 7.3 Tbps DDoS, MFA Bypass Tricks, Banking Trojan and More
Not every risk looks like an attack. Some problems start as small glitches, strange logs, or quiet delays that don’t seem urgent—until …
Scattered Spider Behind Cyberattacks on M&S and Co-op, Causing Up to $592M in Damages
The April 2025 cyber attacks targeting U.K. retailers Marks & Spencer and Co-op have been classified as a “single combined cyber event.” …
The threat actors behind the Qilin ransomware-as-a-service (RaaS) scheme are now offering legal counsel for affiliates to put more pressure on victims …
Iran's State TV Hijacked Mid-Broadcast Amid Geopolitical Tensions; $90M Stolen in Crypto Heist
Iran’s state-owned TV broadcaster was hacked Wednesday night to interrupt regular programming and air videos calling for street protests against the Iranian …
6 Steps to 24/7 In-House SOC Success
Hackers never sleep, so why should enterprise defenses? Threat actors prefer to target businesses during off-hours. That’s when they can count on …
Massive 7.3 Tbps DDoS Attack Delivers 37.4 TB in 45 Seconds, Targeting Hosting Provider
Cloudflare on Thursday said it autonomously blocked the largest distributed denial-of-service (DDoS) attack ever recorded, which hit a peak of 7.3 terabits …
200+ Trojanized GitHub Repositories Found in Campaign Targeting Gamers and Developers
Cybersecurity researchers have uncovered a new campaign in which the threat actors have published more than 67 GitHub repositories that claim to …
New Android Malware Surge Hits Devices via Overlays, Virtualization Fraud, and NFC Theft
Cybersecurity researchers have exposed the inner workings of an Android malware called AntiDot that has compromised over 3,775 devices as part of …
The North Korea-aligned threat actor known as BlueNoroff has been observed targeting an employee in the Web3 sector with deceptive Zoom calls …
Secure Vibe Coding: The Complete New Guide
DALL-E for coders? That’s the promise behind vibe coding, a term describing the use of natural language to create software. While this …
Uncover LOTS Attacks Hiding in Trusted Tools — Learn How in This Free Expert Session
Most cyberattacks today don’t start with loud alarms or broken firewalls. They start quietly—inside tools and websites your business already trusts. It’s …
Russian APT29 Exploits Gmail App Passwords to Bypass 2FA in Targeted Phishing Campaign
Threat actors with suspected ties to Russia have been observed taking advantage of a Google account feature called application specific passwords (or …
Meta Platforms on Wednesday announced that it’s adding support for passkeys, the next-generation password standard, on Facebook. “Passkeys are a new way …
New Linux Flaws Enable Full Root Access via PAM and Udisks Across Major Distributions
Cybersecurity researchers have uncovered two local privilege escalation (LPE) flaws that could be exploited to gain root privileges on machines running major …
A new campaign is making use of Cloudflare Tunnel subdomains to host malicious payloads and deliver them via malicious attachments embedded in …
1,500+ Minecraft Players Infected by Java Malware Masquerading as Game Mods on GitHub
A new multi-stage malware campaign is targeting Minecraft users with a Java-based malware that employs a distribution-as-service (DaaS) offering called Stargazers Ghost …
FedRAMP at Startup Speed: Lessons Learned
For organizations eyeing the federal market, FedRAMP can feel like a gated fortress. With strict compliance requirements and a notoriously long runway, …
Cybersecurity researchers have exposed a previously unknown threat actor known as Water Curse that relies on weaponized GitHub repositories to deliver multi-stage …
CISA Warns of Active Exploitation of Linux Kernel Privilege Escalation Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday placed a security flaw impacting the Linux kernel in its Known Exploited …
Ex-CIA Analyst Sentenced to 37 Months for Leaking Top Secret National Defense Documents
A former U.S. Central Intelligence Agency (CIA) analyst has been sentenced to little more than three years in prison for unlawfully retaining …
Veeam Patches CVE-2025-23121: Critical RCE Bug Rated 9.9 CVSS in Backup & Replication
Veeam has rolled out patches to contain a critical security flaw impacting its Backup & Replication software that could result in remote …
Iran has throttled internet access in the country in a purported attempt to hamper Israel’s ability to conduct covert cyber operations, days …
A now-patched security flaw in Google Chrome was exploited as a zero-day by a threat actor known as TaxOff to deploy a …
Cybersecurity researchers have disclosed a now-patched security flaw in LangChain’s LangSmith platform that could be exploited to capture sensitive data, including API …
Cybersecurity researchers are warning of a new phishing campaign that’s targeting users in Taiwan with malware families such as HoldingHands RAT and …
Google Warns of Scattered Spider Attacks Targeting IT Support Teams at U.S. Insurance Firms
The notorious cybercrime group known as Scattered Spider (aka UNC3944) that recently targeted various U.K. and U.S. retailers has begun to target …
Are Forgotten AD Service Accounts Leaving You at Risk?
For many organizations, Active Directory (AD) service accounts are quiet afterthoughts, persisting in the background long after their original purpose has been …
Hard-Coded 'b' Password in Sitecore XP Sparks Major RCE Risk in Enterprise Deployments
Cybersecurity researchers have disclosed three security flaws in the popular Sitecore Experience Platform (XP) that could be chained to achieve pre-authenticated remote …
Backups Are Under Attack: How to Protect Your Backups
Ransomware has become a highly coordinated and pervasive threat, and traditional defenses are increasingly struggling to neutralize it. Today’s ransomware attacks initially …
New Flodrix Botnet Variant Exploits Langflow AI Server RCE Bug to Launch DDoS Attacks
Cybersecurity researchers have called attention to a new campaign that’s actively exploiting a recently disclosed critical security flaw in Langflow to deliver …
TP-Link Router Flaw CVE-2023-33538 Under Active Exploit, CISA Issues Immediate Alert
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity security flaw in TP-Link wireless routers to its Known …
Meta Platforms on Monday announced that it’s bringing advertising to WhatsApp, but emphasized that the ads are “built with privacy in mind.” …
The U.S. Department of Justice (DoJ) said it has filed a civil forfeiture complaint in federal court that targets over $7.74 million …
Anubis Ransomware Encrypts and Wipes Files, Making Recovery Impossible Even After Payment
An emerging ransomware strain has been discovered incorporating capabilities to encrypt files as well as permanently erase them, a development that has …
⚡ Weekly Recap: iPhone Spyware, Microsoft 0-Day, TokenBreak Hack, AI Data Leaks and More
Some of the biggest security problems start quietly. No alerts. No warnings. Just small actions that seem normal but aren’t. Attackers now …
Introduction: The cybersecurity landscape is evolving rapidly, and so are the cyber needs of organizations worldwide. While businesses face mounting pressure from …
PyPI, npm, and AI Tools Exploited in Malware Surge Targeting DevOps and Cloud Environments
Cybersecurity researchers from SafeDep and Veracode detailed a number of malware-laced npm packages that are designed to execute remote code and download additional …
Malicious PyPI Package Masquerades as Chimera Module to Steal AWS, CI/CD, and macOS Data
Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) repository that’s capable of harvesting sensitive developer-related information, such …
Discord Invite Link Hijacking Delivers AsyncRAT and Skuld Stealer Targeting Crypto Wallets
A new malware campaign is exploiting a weakness in Discord’s invitation system to deliver an information stealer called Skuld and the AsyncRAT …
Cybersecurity researchers are calling attention to a “large-scale campaign” that has been observed compromising legitimate websites with malicious JavaScript injections. According to …
Ransomware Gangs Exploit Unpatched SimpleHelp Flaws to Target Victims with Double Extortion
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday disclosed that ransomware actors are targeting unpatched SimpleHelp Remote Monitoring and Management …
Introduction: Security at a Tipping Point. Security Operations Centers (SOCs) were built for a different era, one defined by perimeter-based thinking, known …
Apple Zero-Click Flaw in Messages Exploited to Spy on Journalists Using Paragon Spyware
Apple has disclosed that a now-patched security flaw present in its Messages app was actively exploited in the wild to target civil …
The threat actors behind the VexTrio Viper Traffic Distribution Service (TDS) have been linked to other TDS services like Help TDS and …
Cybersecurity researchers have discovered a novel attack technique called TokenBreak that can be used to bypass a large language model’s (LLM) safety …
AI is changing everything — from how we code, to how we sell, to how we secure. But while most conversations focus …
Zero-Click AI Vulnerability Exposes Microsoft 365 Copilot Data Without User Interaction
A novel attack technique named EchoLeak has been characterized as a “zero-click” artificial intelligence (AI) vulnerability that allows bad actors to exfiltrate …
Non-Human Identities: How to Address the Expanding Security Risk
Human identities management and control is pretty well done with its set of dedicated tools, frameworks, and best practices. This is a …
ConnectWise has disclosed that it’s planning to rotate the digital code signing certificates used to sign ScreenConnect, ConnectWise Automate, and ConnectWise remote …
Over 80,000 Microsoft Entra ID Accounts Targeted Using Open-Source TeamFiltration Tool
Cybersecurity researchers have uncovered a new account takeover (ATO) campaign that leverages an open-source penetration testing framework called TeamFiltration to breach Microsoft …
Former members tied to the Black Basta ransomware operation have been observed sticking to their tried-and-tested approach of email bombing and Microsoft …
Threat intelligence firm GreyNoise has warned of a “coordinated brute-force activity” targeting Apache Tomcat Manager interfaces. The company said it observed a …
INTERPOL Dismantles 20,000+ Malicious IPs Linked to 69 Malware Variants in Operation Secure
INTERPOL on Wednesday announced the dismantling of more than 20,000 malicious IP addresses or domains that have been linked to 69 information-stealing …
Why DNS Security Is Your First Defense Against Cyber Attacks?
In today’s cybersecurity landscape, much of the focus is placed on firewalls, antivirus software, and endpoint detection. While these tools are essential, …
Two security vulnerabilities have been disclosed in SinoTrack GPS devices that could be exploited to control certain remote functions on connected vehicles …
How to Build a Lean Security Model: 5 Lessons from River Island
In today’s security landscape, budgets are tight, attack surfaces are sprawling, and new threats emerge daily. Maintaining a strong security posture under …
Microsoft Patches 67 Vulnerabilities Including WEBDAV Zero-Day Exploited in the Wild
Microsoft has released patches to fix 67 security flaws, including one zero-day bug in Web Distributed Authoring and Versioning (WebDAV) that it …
Adobe Releases Patch Fixing 254 Vulnerabilities, Closing High-Severity Security Gaps
Adobe on Tuesday pushed security updates to address a total of 254 security flaws impacting its software products, a majority of which …
Researchers Uncover 20+ Configuration Risks, Including Five CVEs, in Salesforce Industry Cloud
Cybersecurity researchers have uncovered over 20 configuration-related risks affecting Salesforce Industry Cloud (aka Salesforce Industries), exposing sensitive data to unauthorized internal and …
The financially motivated threat actor known as FIN6 has been observed leveraging fake resumes hosted on Amazon Web Services (AWS) infrastructure to …
Rust-based Myth Stealer Malware Spread via Fake Gaming Sites Targets Chrome, Firefox Users
Cybersecurity researchers have shed light on a previously undocumented Rust-based information stealer called Myth Stealer that’s being propagated via fraudulent gaming websites. …
The Hidden Threat in Your Stack: Why Non-Human Identity Management is the Next Cybersecurity Frontier
Modern enterprise networks are highly complex environments that rely on hundreds of apps and infrastructure services. These systems need to interact securely …
Google has stepped in to address a security flaw that could have made it possible to brute-force an account’s recovery phone number, …
Rare Werewolf APT Uses Legitimate Software in Attacks on Hundreds of Russian Enterprises
The threat actor known as Rare Werewolf (formerly Rare Wolf) has been linked to a series of cyber attacks targeting Russia and …
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added two critical security flaws impacting Erlang/Open Telecom Platform (OTP) SSH and …
Over 70 Organizations Across Multiple Sectors Targeted by China-Linked Cyber Espionage Group
The reconnaissance activity targeting American cybersecurity company SentinelOne was part of a broader set of partially-related intrusions into several targets between July …
Two Distinct Botnets Exploit Wazuh Server Vulnerability to Launch Mirai-Based Attacks
A now-patched critical security flaw in the Wazuh Server is being exploited by threat actors to drop two different Mirai botnet variants …
⚡ Weekly Recap: Chrome 0-Day, Data Wipers, Misused Tools and Zero-Click iPhone Attacks
Behind every security alert is a bigger story. Sometimes it’s a system being tested. Sometimes it’s trust being lost in quiet ways—through …
You don’t need a rogue employee to suffer a breach. All it takes is a free trial that someone forgot to cancel. …
OpenAI has revealed that it banned a set of ChatGPT accounts that were likely operated by Russian-speaking threat actors and two Chinese …
New Supply Chain Malware Operation Hits npm and PyPI Ecosystems, Targeting Millions Globally
Cybersecurity researchers have flagged a supply chain attack targeting over a dozen packages associated with GlueStack to deliver malware. The malware, introduced …
Malicious Browser Extensions Infect Over 700 Users Across Latin America Since Early 2025
Cybersecurity researchers have shed light on a new campaign targeting Brazilian users since the start of 2025 to infect users with a …
Cybersecurity researchers are alerting to a new malware campaign that employs the ClickFix social engineering tactic to trick users into downloading an …
Empower Users and Protect Against GenAI Data Loss
When generative AI tools became widely available in late 2022, it wasn’t just technologists who paid attention. Employees across all industries immediately …
India’s Central Bureau of Investigation (CBI) has revealed that it has arrested six individuals and dismantled two illegal call centers that were …
Cybersecurity involves both playing the good guy and the bad guy. Diving deep into advanced technologies and yet also going rogue in …
New PathWiper Data Wiper Malware Disrupts Ukrainian Critical Infrastructure in 2025 Attack
A critical infrastructure entity within Ukraine was targeted by a previously unseen data wiper malware named PathWiper, according to new findings from …
Popular Chrome Extensions Leak API Keys, User Data via HTTP and Hard-Coded Credentials
Cybersecurity researchers have flagged several popular Google Chrome extensions that have been found to transmit data in HTTP and hard-code secrets in …
The threat actor known as Bitter has been assessed to be a state-backed hacking group that’s tasked with gathering intelligence that aligns …
Security teams face growing demands with more tools, more data, and higher expectations than ever. Boards approve large security budgets, yet still …
Iran-Linked BladedFeline Hits Iraqi and Kurdish Targets with Whisper and Spearal Malware
An Iran-aligned hacking group has been attributed to a new set of cyber attacks targeting Kurdish and Iraqi government officials in early …
The U.S. Department of Justice (DoJ) on Wednesday announced the seizure of cryptocurrency funds and about 145 clearnet and dark web domains …
Cisco has released security patches to address a critical security flaw impacting the Identity Services Engine (ISE) that, if successfully exploited, could …
Google has disclosed details of a financially motivated threat cluster that it said “specialises” in voice phishing (aka vishing) campaigns designed to …
Threat hunters are calling attention to a new variant of a remote access trojan (RAT) called Chaos RAT that has been used …
Traditional data leakage prevention (DLP) tools aren’t keeping pace with the realities of how modern businesses use SaaS applications. Companies today rely …
Malicious PyPI, npm, and Ruby Packages Exposed in Ongoing Open-Source Supply Chain Attacks
Several malicious packages have been uncovered across the npm, Python, and Ruby package repositories that drain funds from cryptocurrency wallets, erase entire …
Hewlett Packard Enterprise (HPE) has released security updates to address as many as eight vulnerabilities in its StoreOnce data backup and deduplication …
Threat hunters are alerting to a new campaign that employs deceptive websites to trick unsuspecting users into executing malicious PowerShell scripts on …
Critical 10-Year-Old Roundcube Webmail Bug Allows Authenticated Users Run Malicious Code
Cybersecurity researchers have disclosed details of a critical security flaw in the Roundcube webmail software that has gone unnoticed for a decade …
In the wake of high-profile attacks on UK retailers Marks & Spencer and Co-op, Scattered Spider has been all over the media, …
Android Trojan Crocodilus Now Active in 8 Countries, Targeting Banks and Crypto Wallets
A growing number of malicious campaigns have leveraged a recently discovered Android banking trojan called Crocodilus to target users in Europe and …
Google Chrome to Distrust Two Certificate Authorities Over Compliance and Conduct Issues
Google has revealed that it will no longer trust digital certificates issued by Chunghwa Telecom and Netlock citing “patterns of concerning behavior …
Microsoft and CrowdStrike Launch Shared Threat Actor Glossary to Cut Attribution Confusion
Microsoft and CrowdStrike have announced that they are teaming up to align their individual threat actor taxonomies by publishing a new joint …
Google on Monday released out-of-band fixes to address three security issues in its Chrome browser, including one that it said has come …
Cybersecurity researchers have discovered a new cryptojacking campaign that’s targeting publicly accessible DevOps web servers such as those associated with Docker, Gitea, …
Three security vulnerabilities have been disclosed in preloaded Android applications on smartphones from Ulefone and Krüger&Matz that could enable any app installed …
Qualcomm has shipped security updates to address three zero-day vulnerabilities that it said have been exploited in limited, targeted attacks in the …
⚡ Weekly Recap: APT Intrusions, AI Malware, Zero-Click Exploits, Browser Hijacks and More
If this had been a security drill, someone would’ve said it went too far. But it wasn’t a drill—it was real. The …
The Secret Defense Strategy of Four Critical Industries Combating Advanced Cyber Threats
The evolution of cyber threats has forced organizations across all industries to rethink their security strategies. As attackers become more sophisticated — …
Cybersecurity researchers have warned of a new spear-phishing campaign that uses a legitimate remote access tool called Netbird to target Chief Financial …
Two information disclosure flaws have been identified in apport and systemd-coredump, the core dump handlers in Ubuntu, Red Hat Enterprise Linux, and …
U.S. DoJ Seizes 4 Domains Supporting Cybercrime Crypting Services in Global Operation
A multinational law enforcement operation has resulted in the takedown of an online cybercrime syndicate that offered services to threat actors to …
New EDDIESTEALER Malware Bypasses Chrome's App-Bound Encryption to Steal Browser Data
A new malware campaign is distributing a novel Rust-based information stealer dubbed EDDIESTEALER using the popular ClickFix social engineering tactic initiated via …
China-Linked Hackers Exploit SAP and SQL Server Flaws in Attacks Across Asia and Brazil
The China-linked threat actor behind the recent in-the-wild exploitation of a critical security flaw in SAP NetWeaver has been attributed to a …
From the "Department of No" to a "Culture of Yes": A Healthcare CISO's Journey to Enabling Modern Care
Breaking Out of the Security Mosh Pit When Jason Elrod, CISO of MultiCare Health System, describes legacy healthcare IT environments, he doesn’t …
The U.S. Department of Treasury’s Office of Foreign Assets Control (OFAC) has levied sanctions against a Philippines-based company named Funnull Technology Inc. …
ConnectWise, the developer of remote access and support software ScreenConnect, has disclosed that it was the victim of a cyber attack that …
Meta Disrupts Influence Ops Targeting Romania, Azerbaijan, and Taiwan with Fake Personas
Meta on Thursday revealed that it disrupted three covert influence operations originating from Iran, China, and Romania during the first quarter of …
Cybercriminals Target AI Users with Malware-Loaded Installers Posing as Popular Tools
Fake installers for popular artificial intelligence (AI) tools like OpenAI ChatGPT and InVideo AI are being used as lures to propagate various …
Cybersecurity researchers have taken the wraps off an unusual cyber attack that leveraged malware with corrupted DOS and PE headers, according to …
The threat actors behind the DragonForce ransomware gained access to an unnamed Managed Service Provider’s (MSP) SimpleHelp remote monitoring and management (RMM) …
Google on Wednesday disclosed that the Chinese state-sponsored threat actor known as APT41 leveraged a malware called TOUGHPROGRESS that uses Google Calendar …
Over 100,000 WordPress Sites at Risk from Critical CVSS 10.0 Vulnerability in Wishlist Plugin
Cybersecurity researchers have disclosed a critical unpatched security flaw impacting TI WooCommerce Wishlist plugin for WordPress that could be exploited by unauthenticated …
Iranian Hacker Pleads Guilty in $19 Million Robbinhood Ransomware Attack on Baltimore
An Iranian national has pleaded guilty in the U.S. over his involvement in an international ransomware and extortion scheme involving the Robbinhood …
The Czech Republic on Wednesday formally accused a threat actor associated with the People’s Republic of China (PRC) of targeting its Ministry …
Microsoft OneDrive File Picker Flaw Grants Apps Full Cloud Access — Even When Uploading Just One File
Cybersecurity researchers have discovered a security flaw in Microsoft’s OneDrive File Picker that, if successfully exploited, could allow websites to access a …
New PumaBot Botnet Targets Linux IoT Devices to Steal SSH Credentials and Mine Crypto
Embedded Linux-based Internet of Things (IoT) devices have become the target of a new botnet dubbed PumaBot. Written in Go, the botnet …
Stealer malware no longer just steals passwords. In 2025, it steals live sessions—and attackers are moving faster and more efficiently than ever. …
A financially motivated threat actor has been observed exploiting a recently disclosed remote code execution flaw affecting the Craft Content Management System …
Would you expect an end user to log on to a cybercriminal’s computer, open their browser, and type in their usernames and …
251 Amazon-Hosted IPs Used in Exploit Scan Targeting ColdFusion, Struts, and Elasticsearch
Cybersecurity researchers have disclosed details of a coordinated cloud-based scanning activity that targeted 75 distinct “exposure points” earlier this month. The activity, …
Apple on Tuesday revealed that it prevented over $9 billion in fraudulent transactions in the last five years, including more than $2 …
Misconfigured Docker API instances have become the target of a new malware campaign that transforms them into a cryptocurrency mining botnet. The …
Cybersecurity researchers have disclosed a new malicious campaign that uses a fake website advertising antivirus software from Bitdefender to dupe victims into …
Russian Hackers Breach 20+ NGOs Using Evilginx Phishing via Fake Microsoft Entra Pages
Microsoft has shed light on a previously undocumented cluster of malicious activity originating from a Russia-affiliated threat actor dubbed Void Blizzard (aka …
Artificial intelligence is driving a massive shift in enterprise productivity, from GitHub Copilot’s code completions to chatbots that mine internal knowledge bases for …
Employees Searching Payroll Portals on Google Tricked Into Sending Paychecks to Hackers
Threat hunters have exposed a novel campaign that makes use of search engine optimization (SEO) poisoning techniques to target employee mobile devices …
Hackers Are Calling Your Office: FBI Alerts Law Firms to Luna Moth’s Stealth Phishing Campaign
The U.S. Federal Bureau of Investigation (FBI) has warned of social engineering attacks mounted by a criminal extortion actor known as Luna …
The Russia-aligned threat actor known as TAG-110 has been observed conducting a spear-phishing campaign targeting Tajikistan using macro-enabled Word templates as an …
As many as 60 malicious npm packages have been discovered in the package registry with malicious functionality to harvest hostnames, IP addresses, …
Are your web privacy controls protecting your users, or just a box-ticking exercise? This CISO’s guide provides a practical roadmap for continuous …
⚡ Weekly Recap: APT Campaigns, Browser Hijacks, AI Malware, Cloud Breaches and Critical CVEs
Cyber threats don’t show up one at a time anymore. They’re layered, planned, and often stay hidden until it’s too late. For …
Cybersecurity researchers have disclosed a malware campaign that uses fake software installers masquerading as popular tools like LetsVPN and QQ Browser to …
Hackers Use TikTok Videos to Distribute Vidar and StealC Malware via ClickFix Technique
The malware known as Latrodectus has become the latest to embrace the widely-used social engineering technique called ClickFix as a distribution vector. …
Cybersecurity researchers have disclosed that a threat actor codenamed ViciousTrap has compromised nearly 5,300 unique network edge devices across 84 countries and …
As part of the latest “season” of Operation Endgame, a coalition of law enforcement agencies have taken down about 300 servers worldwide, …
SafeLine WAF: Open Source Web Application Firewall with Zero-Day Detection and Bot Protection
From zero-day exploits to large-scale bot attacks — the demand for a powerful, self-hosted, and user-friendly web application security solution has never …
U.S. Dismantles DanaBot Malware Network, Charges 16 in $50M Global Cybercrime Operation
The U.S. Department of Justice (DoJ) on Thursday announced the disruption of the online infrastructure associated with DanaBot (aka DanaTools) and unsealed …
CISA Warns of Suspected Broader SaaS Attacks Exploiting App Secrets and Cloud Misconfigs
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday revealed that Commvault is monitoring cyber threat activity targeting applications hosted in …
GitLab Duo Vulnerability Enabled Attackers to Hijack AI Responses with Hidden Prompts
Cybersecurity researchers have discovered an indirect prompt injection flaw in GitLab’s artificial intelligence (AI) assistant Duo that could have allowed attackers to …
Chinese Hackers Exploit Trimble Cityworks Flaw to Infiltrate U.S. Government Networks
A Chinese-speaking threat actor tracked as UAT-6382 has been linked to the exploitation of a now-patched remote-code-execution vulnerability in Trimble Cityworks to …
A privilege escalation flaw has been demonstrated in Windows Server 2025 that makes it possible for attackers to compromise any user in …
A recently patched pair of security flaws affecting Ivanti Endpoint Manager Mobile (EPMM) software has been exploited by a China-nexus threat actor …
Webinar: Learn How to Build a Reasonable and Legally Defensible Cybersecurity Program
It’s not enough to be secure. In today’s legal climate, you need to prove it. Whether you’re protecting a small company or …
For many organizations, identity security appears to be under control. On paper, everything checks out. But new research from Cerby, based on …
Cybersecurity researchers have uncovered multiple critical security vulnerabilities impacting the Versa Concerto network security and SD-WAN orchestration platform that could be exploited …
FBI and Europol Disrupt Lumma Stealer Malware Network Linked to 10 Million Infections
A sprawling operation undertaken by global law enforcement agencies and a consortium of private sector firms has disrupted the online infrastructure associated …
Russian Hackers Exploit Email and VPN Vulnerabilities to Spy on Ukraine Aid Logistics
Russian cyber threat actors have been attributed to a state-sponsored campaign targeting Western logistics entities and technology companies since 2022. The activity …
Russian organizations have become the target of a phishing campaign that distributes malware called PureRAT, according to new findings from Kaspersky. “The …
Counterfeit Facebook pages and sponsored ads on the social media platform are being employed to direct users to fake websites masquerading as …
Securing CI/CD workflows with Wazuh
Continuous Integration and Continuous Delivery/Deployment (CI/CD) refers to practices that automate how code is developed and released to different environments. CI/CD pipelines …
How to Detect Phishing Attacks Faster: Tycoon2FA Example
It takes just one email to compromise an entire system. A single well-crafted message can bypass filters, trick employees, and give attackers …
Cybersecurity researchers have discovered a new campaign that employs malicious JavaScript injections to redirect site visitors on mobile devices to a Chinese …
Google has announced a new feature in its Chrome browser that lets its built-in Password Manager automatically change a user’s password when …
A threat actor known as Hazy Hawk has been observed hijacking abandoned cloud resources of high-profile organizations, including Amazon S3 buckets and …
100+ Fake Chrome Extensions Found Hijacking Sessions, Stealing Credentials, Injecting Ads
An unknown threat actor has been attributed to creating several malicious Chrome Browser extensions since February 2024 that masquerade as seemingly benign …
AWS Default IAM Roles Found to Enable Lateral Movement and Cross-Service Exploitation
Cybersecurity researchers have discovered risky default identity and access management (IAM) roles impacting Amazon Web Services that could open the door for …
In the newly released 2025 State of Pentesting Report, Pentera surveyed 500 CISOs from global enterprises (200 from within the USA) to …
South Asian Ministries Hit by SideWinder APT Using Old Office Flaws and Custom Malware
High-level government institutions in Sri Lanka, Bangladesh, and Pakistan have emerged as the target of a new campaign orchestrated by a threat …
Threat hunters have exposed the tactics of a China-aligned threat actor called UnsolicitedBooker that targeted an unnamed international organization in Saudi Arabia …
Cybersecurity researchers are calling attention to a new Linux cryptojacking campaign that’s targeting publicly accessible Redis servers. The malicious activity has been …
Cybersecurity researchers have uncovered malicious packages uploaded to the Python Package Index (PyPI) repository that act as checker tools to validate stolen …
The official site for RVTools has been hacked to serve a compromised installer for the popular VMware environment reporting utility. “Robware.net and …
Several ransomware actors are using a malware called Skitnet as part of their post-exploitation efforts to steal sensitive data and establish remote …
Why CTEM is the Winning Bet for CISOs in 2025
Continuous Threat Exposure Management (CTEM) has moved from concept to cornerstone, solidifying its role as a strategic enabler for CISOs. No longer …
Mozilla has released security updates to address two critical security flaws in its Firefox browser that could be potentially exploited to access …
Cybersecurity leaders aren’t just dealing with attacks—they’re also protecting trust, keeping systems running, and maintaining their organization’s reputation. This week’s developments highlight …
Cybersecurity researchers are calling attention to a new botnet malware called HTTPBot that has been used to primarily single out the gaming …
Top 10 Best Practices for Effective Data Protection
Data is the lifeblood of productivity, and protecting sensitive data is more critical than ever. With cyber threats evolving rapidly and data …
Researchers at ETH Zürich have discovered yet another security flaw that they say impacts all modern Intel CPUs and causes them to …
Cybersecurity researchers have shed light on a new malware campaign that makes use of a PowerShell-based shellcode loader to deploy a remote …
[Webinar] From Code to Cloud to SOC: Learn a Smarter Way to Defend Modern Applications
Modern apps move fast—faster than most security teams can keep up. As businesses rush to build in the cloud, security often lags …
Noyb Threatens Meta with Lawsuit for Violating GDPR to Train AI on E.U. User Data From May 27
Austrian privacy non-profit noyb (none of your business) has sent Meta’s Irish headquarters a cease-and-desist letter, threatening the company with a class …
Cryptocurrency exchange Coinbase has disclosed that unknown cyber actors broke into its systems and stole account data for a small subset of …
Imagine this: Your organization completed its annual penetration test in January, earning high marks for security compliance. In February, your development team …
5 BCDR Essentials for Effective Ransomware Defense
Ransomware has evolved into a deceptive, highly coordinated and dangerously sophisticated threat capable of crippling organizations of any size. Cybercriminals now exploit …
A Russia-linked threat actor has been attributed to a cyber espionage operation targeting webmail servers such as Roundcube, Horde, MDaemon, and Zimbra …
Cybersecurity researchers have discovered a malicious package named “os-info-checker-es6” that disguises itself as an operating system information utility to stealthily drop a …
Google on Wednesday released updates to address four security issues in its Chrome web browser, including one for which it said there …
Samsung has released software updates to address a critical security flaw in MagicINFO 9 Server that has been actively exploited in the …
At least two different cybercrime groups, BianLian and RansomExx, are said to have exploited a recently disclosed security flaw in SAP NetWeaver, …
Xinbi Telegram Market Tied to $8.4B in Crypto Crime, Romance Scams, North Korea Laundering
A Chinese-language, Telegram-based marketplace called Xinbi Guarantee has facilitated no less than $8.4 billion in transactions since 2022, making it the second …
A new global phishing threat called “Meta Mirage” has been uncovered, targeting businesses using Meta’s Business Suite. This campaign specifically aims at …
A cyber espionage group known as Earth Ammit has been linked to two related but distinct campaigns from 2023 to 2024 targeting …
Learning How to Hack: Why Offensive Security Training Benefits Your Entire Security Team
Organizations across industries are experiencing significant escalations in cyberattacks, particularly targeting critical infrastructure providers and cloud-based enterprises. Verizon’s recently released 2025 Data …
Horabot Malware Targets 6 Latin American Nations Using Invoice-Themed Phishing Emails
Cybersecurity researchers have discovered a new phishing campaign that’s being used to distribute malware called Horabot targeting Windows users in Latin American …
Microsoft Fixes 78 Flaws, 5 Zero-Days Exploited; CVSS 10 Bug Impacts Azure DevOps Server
Microsoft on Tuesday shipped fixes to address a total of 78 security flaws across its software lineup, including a set of five …
Fortinet has patched a critical security flaw that it said has been exploited as a zero-day in attacks targeting FortiVoice enterprise phone …
Ivanti Patches EPMM Vulnerabilities Exploited for Remote Code Execution in Limited Attacks
Ivanti has released security updates to address two security flaws in Endpoint Manager Mobile (EPMM) software that have been chained in attacks …
China-Linked APTs Exploit SAP CVE-2025-31324 to Breach 581 Critical Systems Worldwide
A recently disclosed critical security flaw impacting SAP NetWeaver is being exploited by multiple China-nexus nation-state actors to target critical infrastructure networks. …
Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) repository that purports to be an application related to …
Deepfake Defense in the Age of AI
The cybersecurity landscape has been dramatically reshaped by the advent of generative AI. Attackers now leverage large language models (LLMs) to impersonate …
North Korean Konni APT Targets Ukraine with Malware to Track Russian Invasion Progress
The North Korea-linked threat actor known as Konni APT has been attributed to a phishing campaign targeting government entities in Ukraine, indicating …
Moldovan law enforcement authorities have arrested a 45-year-old foreign man suspected of involvement in a series of ransomware attacks targeting Dutch companies …
Türkiye Hackers Exploited Output Messenger Zero-Day to Drop Golang Backdoors on Kurdish Servers
A Türkiye-affiliated threat actor exploited a zero-day security flaw in an Indian enterprise communication platform called Output Messenger as part of a …
ASUS has released updates to address two security flaws impacting ASUS DriverHub that, if successfully exploited, could enable an attacker to leverage …
⚡ Weekly Recap: Zero-Day Exploits, Developer Malware, IoT Botnets, and AI-Powered Scams
What do a source code editor, a smart billboard, and a web server have in common? They’ve all become launchpads for attacks—because …
The Persistence Problem: Why Exposed Credentials Remain Unfixed—and How to Change That
Detecting leaked credentials is only half the battle. The real challenge—and often the neglected half of the equation—is what happens after detection. …
Fake AI Tools Used to Spread Noodlophile Malware, Targeting 62,000+ via Facebook Lures
Threat actors have been observed leveraging fake artificial intelligence (AI)-powered tools as a lure to entice users into downloading an information stealer …
Google Pays $1.375 Billion to Texas Over Unauthorized Tracking and Biometric Data Collection
Google has agreed to pay the U.S. state of Texas nearly $1.4 billion to settle two lawsuits that accused the company of …
Germany’s Federal Criminal Police Office (aka Bundeskriminalamt or BKA) has seized and shut down the online infrastructure linked to the eXch cryptocurrency exchange …
BREAKING: 7,000-Device Proxy Botnet Using IoT, EoL Systems Dismantled in U.S. – Dutch Operation
A joint law enforcement operation undertaken by Dutch and U.S. authorities has dismantled a criminal proxy network that’s powered by thousands of …
The North Korean threat actors behind the Contagious Interview campaign have been observed using updated versions of a cross-platform malware called OtterCookie …
Cybersecurity researchers are warning of a new campaign that’s targeting Portuguese-speaking users in Brazil with trial versions of commercial remote monitoring and …
AI agents are changing the way businesses work. They can answer questions, automate tasks, and create better user experiences. But with this …
Cybersecurity researchers have flagged three malicious npm packages that are designed to target the Apple macOS version of Cursor, a popular artificial …
The Vulnerability Treadmill The reactive nature of vulnerability management, combined with delays from policy and process, strains security teams. Capacity is limited …
Google on Thursday announced it’s rolling out new artificial intelligence (AI)-powered countermeasures to combat scams across Chrome, Search, and Android. The tech …
A China-linked unnamed threat actor dubbed Chaya_004 has been observed exploiting a recently disclosed security flaw in SAP NetWeaver. Forescout Vedere Labs, …
Cybersecurity researchers have exposed what they say is an “industrial-scale, global cryptocurrency phishing operation” engineered to steal digital assets from cryptocurrency wallets …
61% of security leaders reported suffering a breach due to failed or misconfigured controls over the past 12 months. This is despite …
SonicWall has released patches to address three security flaws affecting SMA 100 Secure Mobile Access (SMA) appliances that could be fashioned to …
Threat actors with ties to the Qilin ransomware family have leveraged malware known as SmokeLoader along with a previously undocumented .NET compiled …
The nation-state threat actor known as MirrorFace has been observed deploying malware dubbed ROAMINGMOUSE as part of a cyber espionage campaign directed …
The Russia-linked threat actor known as COLDRIVER has been observed distributing a new malware called LOSTKEYS as part of an espionage-focused campaign …
Cisco has released software fixes to address a maximum-severity security flaw in its IOS XE Wireless Controller that could enable an unauthenticated, …
Europol has announced the takedown of distributed denial of service (DDoS)-for-hire services that were used to launch thousands of cyber-attacks across the …
A second security flaw impacting the OttoKit (formerly SureTriggers) WordPress plugin has come under active exploitation in the wild. The vulnerability, tracked …
Cybersecurity researchers have disclosed multiple security flaws in the on-premise version of SysAid IT support software that could be exploited to achieve …
Security Service Edge (SSE) platforms have become the go-to architecture for securing hybrid work and SaaS access. They promise centralized enforcement, simplified …
Play Ransomware Exploited Windows CVE-2025-29824 as Zero-Day to Breach U.S. Organization
Threat actors with links to the Play ransomware family exploited a recently patched security flaw in Microsoft Windows as a zero-day as …
Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) repository that masquerades as a seemingly harmless Discord-related utility …
A federal jury on Tuesday decided that NSO Group must pay Meta-owned WhatsApp approximately $168 million in monetary damages, more than …
Threat actors have been observed actively exploiting security flaws in GeoVision end-of-life (EoL) Internet of Things (IoT) devices to corral them into …
Cybersecurity researchers have lifted the lid on two threat actors that orchestrate investment scams through spoofed celebrity endorsements and conceal their activity …
Third Parties and Machine Credentials: The Silent Drivers Behind 2025's Worst Breaches
It wasn’t ransomware headlines or zero-day exploits that stood out most in this year’s Verizon 2025 Data Breach Investigations Report (DBIR) — …
Microsoft has warned that using pre-made templates, such as out-of-the-box Helm charts, during Kubernetes deployments could open the door to misconfigurations and …
Entra ID Data Protection: Essential or Overkill?
Microsoft Entra ID (formerly Azure Active Directory) is the backbone of modern identity management, enabling secure access to the applications, data, and …
Google has released its monthly security updates for Android with fixes for 46 security flaws, including one vulnerability that it said has …