Cybersecurity

🚨 Beware, Android users! Two file management apps on Google Play Store revealed as spyware, sending users' data to servers in China.

This multi-step vishing attack combines hi-tech malware, voice traffic routing, and social engineering to deceive victims into micro-loans.

🔒 Yet another critical SQL injection vulnerability (CVE-2023-36934) uncovered in popular MOVEit Transfer—the same software that was exploited.

Mastodon, the decentralized social network, releases critical security update. Update your instance ASAP to prevent potential DoS and RCE attacks.

Protect your organization from evolving cyber threats! Implement a Continuous Threat Exposure Management (CTEM) program that offers precision, speed,

Microsoft uncovers the ruthless efficiency of ransomware attacks. In just 5 days, hackers complete the entire attack process, breaching systems.

New variants of TrueBot malware targeting U.S. and Canadian organizations, exploiting a critical vulnerability in Netwrix Auditor.

JumpCloud reacts to a cybersecurity incident, resets API keys for affected clients.

Google's latest Android security updates are here! Patching 46 vulnerabilities, including 3 actively exploited flaws.

Iranian nation-state actor TA453 continues to evolve its tactics, deploying novel infection chains and malware to infiltrate both Windows and macOS.

A potentially massive cyber attack campaign is targeting cloud-native environments.

Is your organization eligible for cyber insurance? Discover the crucial role of regular penetration testing in assessing your cyber security risk prof

New Linux Kernel Vulnerability Uncovered. StackRot (CVE-2023-3269) opens doors to unauthorized elevated privileges.

Learn how the DDoS attack landscape has changed in Q1-Q2 of 2023.

Suspected leader of OPERA1ER hacking crew, responsible for $11 Million+ in theft, has been arrested in an international operation.

RedEnergy, a sophisticated stealer-as-a-ransomware threat, is targeting energy utilities, oil, gas, telecom, and machinery sectors.

Learn how leaked secrets can lead to devastating breaches and tarnish an organization's reputation.

Developers, beware! npm packages are vulnerable to manifest confusion. This could serve as a backdoor for malicious code, hiding in your project

Meta's Instagram Threads, poised as the next Twitter rival, hits a roadblock in Europe over privacy concerns.

Swedish watchdog warns against using Google Analytics over Data Protection risks linked to U.S. surveillance.

DDoSia attack tool gets an upgrade! Now conceals target lists with new encryption methods.

Neo_Net, a Mexican e-crime actor, is behind an Android malware campaign that's stolen €350,000+ and compromised PII data.

Over 330,000 FortiGate firewalls are still vulnerable to the critical CVE-2023-27997 RCE exploit.

Chinese cyber group targets European ministries with sophisticated HTML smuggling techniques to deploy the PlugX trojan.

CISA flags eight critical vulnerabilities currently exploited in the wild - six affecting Samsung phones and two in D-Link devices.

In the digital warfare against website spam, automation is your ally. Discover CleanTalk Anti-Spam solution for WordPress - a tool designed for precis

Your crypto wallet, your secrets, even your games – NOTHING is safe from Meduza Stealer. Discover how this crimeware stays ahead of the game.

BlackCat ransomware now spreading via malvertising! Watch out for rogue installers disguised as legitimate apps like WinSCP.

An insufficient validation input flaw, one of 11 patched in an update this week, could allow for arbitrary code execution and is under active attack.

Separate fixes to macOS and iOS patch respective flaws in the kernel and WebKit that can allow threat actors to take over devices and are under attack.

Fake travel reservations are exacting more pain from the travel weary, already dealing with the misery of canceled flights and overbooked hotels.

CISA is warning that Palo Alto Networks’ PAN-OS is under active attack and needs to be patched ASAP.

Twitter is blasted for security and privacy lapses by the company’s former head of security who alleges the social media giant’s actions amount to a national security risk.

Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed.

Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group.

Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system.

Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool.