Cybersecurity researchers have gleaned additional insights into a nascent ransomware-as-a-service (RaaS) called Cicada3301 after successfully gaining access...
Threat actors are attempting to abuse the open-source EDRSilencer tool as part of efforts to tamper endpoint...
FIDO Alliance Drafts New Protocol to Simplify Passkey Transfers Across Different Platforms
2 min read
The FIDO Alliance said it's working to make passkeys and other credentials more easier to export across...
AI from the attacker’s perspective: See how cybercriminals are leveraging AI and exploiting its vulnerabilities to compromise...
The North Korean threat actor known as ScarCruft has been linked to the zero-day exploitation of a...
To defend your organization against cyber threats, you need a clear picture of the current threat landscape....
A new spear-phishing campaign targeting Brazil has been found delivering a banking malware called Astaroth (aka Guildma)...
GitHub has released security updates for Enterprise Server (GHES) to address multiple issues, including a critical bug...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw impacting SolarWinds...
In recent years, the number and sophistication of zero-day vulnerabilities have surged, posing a critical threat to...
New variants of an Android banking trojan called TrickMo have been found to harbor previously undocumented features...
Cybersecurity researchers have disclosed a new malware campaign that leverages a malware loader named PureCrypter to deliver...
North Korean threat actors have been observed using a Linux variant of a known malware family called...
China's National Computer Virus Emergency Response Center (CVERC) has doubled down on claims that the threat actor...
Cybersecurity researchers have disclosed a new malware campaign that delivers Hijack Loader artifacts that are signed with...
The maintainers of the Jetpack WordPress plugin have released a security update to remediate a critical vulnerability...
A suspected nation-state adversary has been observed weaponizing three security flaws in Ivanti Cloud Service Appliance (CSA)...
The link between detection and response (DR) practices and cloud security has historically been weak. As global...
Cybersecurity researchers have found that entry points could be abused across multiple programming ecosystems like PyPI, npm,...
Hey there, it's your weekly dose of "what the heck is going on in cybersecurity land" –...
