Researchers Find VS Code Flaw Allowing Attackers to Republish Deleted Extensions Under Same Names
3 min read
Cybersecurity researchers have discovered a loophole in the Visual Studio Code Marketplace that allows threat actors to...
Salt Typhoon Exploits Cisco, Ivanti, Palo Alto Flaws to Breach 600 Organizations Worldwide
4 min read
The China-linked advanced persistent threat (APT) actor known as Salt Typhoon has continued its attacks targeting networks...
Every day, businesses, teams, and project managers trust platforms like Trello, Asana, etc., to collaborate and manage...
Malicious Nx Packages in ‘s1ngularity’ Attack Leaked 2,349 GitHub, Cloud, and AI Credentials
4 min read
The maintainers of the nx build system have alerted users to a supply chain attack that allowed...
U.S. Treasury Sanctions DPRK IT-Worker Scheme, Exposing $600K Crypto Transfers and $1M+ Profits
3 min read
The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) announced a fresh round of...
The financially motivated threat actor known as Storm-0501 has been observed refining its tactics to conduct data...
Cybersecurity company ESET has disclosed that it discovered an artificial intelligence (AI)-powered ransomware variant codenamed PromptLock.
Written in...
Anthropic Disrupts AI-Powered Cyberattacks Automating Theft and Extortion Across Critical Sectors
4 min read
Anthropic on Wednesday revealed that it disrupted a sophisticated operation that weaponized its artificial intelligence (AI)-powered chatbot...
A threat activity cluster known as ShadowSilk has been attributed to a fresh set of attacks targeting...
Employees are experimenting with AI at record speed. They are drafting emails, analyzing data, and transforming the...
A widespread data theft campaign has allowed hackers to breach sales automation platform Salesloft to steal OAuth...
Blind Eagle’s Five Clusters Target Colombia Using RATs, Phishing Lures, and Dynamic DNS Infra
4 min read
Cybersecurity researchers have discovered five distinct activity clusters linked to a persistent threat actor known as Blind...
Citrix has released fixes to address three security flaws in NetScaler ADC and NetScaler Gateway, including one...
A team of academics has devised a novel attack that can be used to downgrade a 5G...
Cybersecurity researchers are calling attention to a sophisticated social engineering campaign that's targeting supply chain-critical manufacturing companies...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added three security flaws impacting Citrix Session...
Cybersecurity researchers have discovered a new variant of an Android banking trojan called HOOK that features ransomware-style...
Google has announced plans to begin verifying the identity of all developers who distribute apps on Android,...
Docker has released fixes to address a critical security flaw affecting the Docker Desktop app for Windows...
UNC6384 Deploys PlugX via Captive Portal Hijacks and Valid Certificates Targeting Diplomats
3 min read
A China-nexus threat actor known as UNC6384 has been attributed to a set of attacks targeting diplomats...
