Three additional rogue Python packages have been discovered in the Package Index (PyPI) repository as part of...
A hacking outfit nicknamed Earth Estries has been attributed to a new, ongoing cyber espionage campaign targeting government and...
ChatGPT and similar large language models (LLMs) have added further complexity to the ever-growing online threat landscape....
An unknown threat actor is leveraging malicious npm packages to target developers with an aim to steal...
New findings show that malicious actors could leverage a sneaky malware detection evasion technique and bypass endpoint...
A previously undocumented Android banking trojan dubbed MMRat has been observed targeting mobile users in Southeast Asia since late...
Cybersecurity researchers have discovered malicious Android apps for Signal and Telegram distributed via the Google Play Store...
Recently disclosed security flaws impacting Juniper firewalls, Openfire, and Apache RocketMQ servers have come under active exploitation...
Critical Vulnerability Alert: VMware Aria Operations Networks at Risk from Remote Attacks
2 min read
VMware has released software updates to correct two security vulnerabilities in Aria Operations for Networks that could...
A coordinated law enforcement effort codenamed Operation Duck Hunt has felled QakBot, a notorious Windows malware family that's estimated to...
Chinese Hacking Group Exploits Barracuda Zero-Day to Target Government, Military, and Telecom
4 min read
A suspected Chinese-nexus hacking group exploited a recently disclosed zero-day flaw in Barracuda Networks Email Security Gateway (ESG) appliances...
A new malspam campaign has been observed deploying an off-the-shelf malware called DarkGate.
"The current spike in DarkGate...
Survey Provides Takeaways for Security Pros to Operationalize their Remediation Life Cycle
3 min read
Ask any security professional and they’ll tell you that remediating risks from various siloed security scanning tools...
Unpatched Citrix NetScaler systems exposed to the internet are being targeted by unknown threat actors in what's...
Microsoft is warning of an increase in adversary-in-the-middle (AiTM) phishing techniques, which are being propagated as part...
Cyber attacks on e-commerce applications are a common trend in 2023 as e-commerce businesses become more omnichannel,...
Experts Uncover How Cybercriminals Could Exploit Microsoft Entra ID for Elevated Privilege
2 min read
Cybersecurity researchers have discovered a case of privilege escalation associated with a Microsoft Entra ID (formerly Azure...
Developers Beware: Malicious Rust Libraries Caught Transmitting OS Info to Telegram Channel
2 min read
In yet another sign that developers continue to be targets of software supply chain attacks, a number...
An updated version of a botnet malware called KmsdBot is now targeting Internet of Things (IoT) devices, simultaneously branching...
The leak of the LockBit 3.0 ransomware builder last year has led to threat actors abusing the tool to...
