Cybersecurity researchers have flagged a Ukrainian IP network for engaging in massive brute-force and password spraying campaigns...
The threat actor known as Silver Fox has been attributed to abuse of a previously unknown vulnerable...
Cybersecurity researchers have discovered a malicious npm package that comes with stealthy features to inject malicious code...
As enterprises continue to shift their operations to the browser, security teams face a growing set of...
Cybersecurity researchers are calling attention to a new shift in the Android malware landscape where dropper apps,...
⚡ Weekly Recap: WhatsApp 0-Day, Docker Bug, Salesforce Breach, Fake CAPTCHAs, Spyware App & More
20 min read
Cybersecurity today is less about single attacks and more about chains of small weaknesses that connect into...
ScarCruft Uses RokRAT Malware in Operation HanKook Phantom Targeting South Korean Academics
3 min read
Cybersecurity researchers have discovered a new phishing campaign undertaken by the North Korea-linked hacking group called ScarCruft...
Cybersecurity researchers have called attention to a cyber attack in which unknown threat actors deployed an open-source...
WhatsApp has addressed a security vulnerability in its messaging apps for Apple iOS and macOS that it...
Researchers Warn of Sitecore Exploit Chain Linking Cache Poisoning and Remote Code Execution
2 min read
Three new security vulnerabilities have been disclosed in the Sitecore Experience Platform that could be exploited to...
Picture this: Your team rolls out some new code, thinking everything's fine. But hidden in there is...
Amazon Disrupts APT29 Watering Hole Campaign Abusing Microsoft Device Code Authentication
2 min read
Amazon on Friday said it flagged and disrupted what it described as an opportunistic watering hole campaign...
An abandoned update server associated with input method editor (IME) software Sogou Zhuyin was leveraged by threat...
Generative AI platforms like ChatGPT, Gemini, Copilot, and Claude are increasingly common in organizations. While these solutions...
Click Studios Patches Passwordstate Authentication Bypass Vulnerability in Emergency Access Page
2 min read
Click Studios, the developer of enterprise-focused password management solution Passwordstate, said it has released security updates to...
The Sangoma FreePBX Security Team has issued an advisory warning about an actively exploited FreePBX zero-day vulnerability...
Authorities from the Netherlands and the United States have announced the dismantling of an illicit marketplace called...
Google Warns Salesloft OAuth Breach Extends Beyond Salesforce, Impacting All Integrations
2 min read
Google has revealed that the recent wave of attacks targeting Salesforce instances via Salesloft Drift is much...
Cybersecurity researchers have discovered a cybercrime campaign that's using malvertising tricks to direct victims to fraudulent sites...
Picture this: Your team rolls out some new code, thinking everything's fine. But hidden in there is...
