Critical Next.js Vulnerability Allows Attackers to Bypass Middleware Authorization Checks
1 min read
A critical security flaw has been disclosed in the Next.js React framework that could be potentially exploited...
GitHub Supply Chain Breach: Coinbase Attack Exposes 218 Repositories, Leaks CI/CD Secrets
5 min read
The supply chain attack involving the GitHub Action "tj-actions/changed-files" started as a highly-targeted attack against one of...
The U.S. Treasury Department has announced that it's removing sanctions against Tornado Cash, a cryptocurrency mixer service...
Threat hunters have uncovered a new threat actor named UAT-5918 that has been attacking critical infrastructure entities...
The threat actors behind the Medusa ransomware-as-a-service (RaaS) operation have been observed using a malicious driver dubbed...
The China-linked advanced persistent threat (APT) group. known as Aquatic Panda has been linked to a "global...
After conducting over 10,000 automated internal network penetration tests last year, vPenTest has uncovered a troubling reality...
Two known threat activity clusters codenamed Head Mare and Twelve have likely joined forces to target Russian...
Two now-patched security flaws impacting Cisco Smart Licensing Utility are seeing active exploitation attempts, according to SANS...
How to Protect Your Business from Cyber Threats: Mastering the Shared Responsibility Model
5 min read
Cybersecurity isn't just another checkbox on your business agenda. It's a fundamental pillar of survival. As organizations...
YouTube videos promoting game cheats are being used to deliver a previously undocumented stealer malware called Arcane...
Veeam has released security updates to address a critical security flaw impacting its Backup & Replication software...
The governments of Australia, Canada, Cyprus, Denmark, Israel, and Singapore are likely customers of spyware developed by...
Regulatory compliance is no longer just a concern for large enterprises. Small and mid-sized businesses (SMBs) are...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity security flaw impacting NAKIVO Backup...
The Computer Emergency Response Team of Ukraine (CERT-UA) is warning of a new campaign that targets the...
In today’s digital world, security breaches are all too common. Despite the many security tools and training...
The threat actors behind the ClearFake campaign are using fake reCAPTCHA or Cloudflare Turnstile verifications as lures...
Threat actors are exploiting a severe security flaw in PHP to deliver cryptocurrency miners and remote access...
The recently leaked trove of internal chat logs among members of the Black Basta ransomware operation has...
