IM
IronMonkey Threat Research
LIVE
|
Articles 27,087
|
CVEs 348,665
|
APT Groups 800
|
Tools 2,196
|
Updated recently
Today Yesterday All 27,055 articles — Page 131 of 902
BleepingComputer ·

A malicious Ledger Live app for macOS available from Apple's App Store has drained approximately $9.5 million in cryptocurrency from 50 victims in just a few days this month. [...]

Financial Services Information Technology Security CryptoCurrency
Wiz Blog | RSS feed ·

Identify stale, duplicated, and inefficient data — and take action to shrink both your storage spend and exposure surface.

Information Technology
CERT Polska ·

Authorization bypass vulnerability (CVE-2025-13822) has been found in MCPHub project.

Information Technology CVE vulnerability
BleepingComputer ·

Microsoft has rolled out a fast-track process to help developers regain access to accounts recently suspended from its Windows Hardware Program, following widespread complaints that they were...

Information Technology Microsoft
Industrial Cyber ·

The U.S. National Institute of Standards and Technology (NIST), through its NIST Information Technology Laboratory (ITL), is supporting... The post NIST develops Trustworthy AI in Critical...

Information Technology Energy Attacks and Vulnerabilities Control device security
Wiz Blog | RSS feed ·

Understanding and defending your GitHub Actions - from threat model to security controls.

Information Technology
The Hacker News ·

A critical security vulnerability impacting ShowDoc, a document management and collaboration service popular in China, has come under active exploitation in the wild. The vulnerability in question...

Information Technology
The Hacker News ·

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added half a dozen security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active...

Information Technology Government Facilities
Schneier on Security ·

Interesting paper: “What hackers talk about when they talk about AI: Early-stage diffusion of a cybercrime innovation.” Abstract: The rapid expansion of artificial intelligence (AI) is raising...

Information Technology Uncategorized academic papers
BleepingComputer ·

Stolen credentials remain a top breach vector, often leading to unchecked privilege escalation. Specops explains how identity-first Zero Trust limits access, enforces device trust, and blocks...

Security
SECURITY.COM ·

Attackers assume strapped teams don’t have advanced protection—Symantec CBX is here to prove them wrong

Information Technology
Proofpoint News Feed ·

Analysis by cybersecurity company Proofpoint reveals that while most partners have implemented baseline email authentication, many are still not proactively blocking fraudulent emails that

Information Technology Financial Services
Siemens ProductCERT Security Advisories ·

SCALANCE W-700 IEEE 802.11n family before V6.6.0 are affected by multiple vulnerabilities. Siemens has released a new version for SCALANCE W-700 IEEE 802.11n family and recommends to update to the...

Information Technology Critical Manufacturing
Siemens ProductCERT Security Advisories ·

RUGGEDCOM CROSSBOW Station Access Controller (SAC) contains a vulnerability that could allow an attacker to achieve arbitrary code execution and to create a denial of service condition. Siemens...

Energy Transportation Systems
Siemens ProductCERT Security Advisories ·

SINEC NMS before V4.0 SP3 contains an Authorization Bypass vulnerability that could allow an attacker to bypass authorization checks, leading to the ability to reset the password of any arbitrary...

Critical Manufacturing Information Technology
Siemens ProductCERT Security Advisories ·

Industrial Edge Management contains an authorization bypass vulnerability that could be exploited by an unauthenticated remote attacker to circumvent authentication and to access connected...

Critical Manufacturing Information Technology
Siemens ProductCERT Security Advisories ·

The products listed below contain a vulnerability that could allow an attacker to perform an out-of-bound read, potentially leading to information disclosure or denial of service of the TPM....

Critical Manufacturing Energy
Siemens ProductCERT Security Advisories ·

RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P) contains a vulnerability that could allow an attacker to escalate their own privileges. Siemens has released a new version for RUGGEDCOM...

Energy Critical Manufacturing
Siemens ProductCERT Security Advisories ·

Siemens SINEC NMS when used with User Management Component (UMC) contains an authentication bypass vulnerability due to insufficient validation of user identity. This could allow an...

Critical Manufacturing Information Technology
Siemens ProductCERT Security Advisories ·

Multiple Siemens applications are affected by improper certificate validation in Siemens Analytics Toolkit. This could allow an unauthenticated remote attacker to perform man in the middle...

Critical Manufacturing Information Technology
TrustedSec ·

We put LLMs to the test—let's find out how good AI is at hacking! We walk through six simple challenges with intentionally naïve setups to test how capable each model is at single-step exploit validation.

Information Technology
Recorded Future ·

Iran War: Future Scenarios and Business Implications

Energy Research (Insikt)
Recorded Future ·

Recorded Future is rolling out new pricing and packaging that bundles its intelligence capabilities into four solutions and three tiered plans, with unlimited users and integrations included.

Information Technology Critical Manufacturing Blog
Recorded Future ·

Recorded Future is rolling out new pricing and packaging that bundles its intelligence capabilities into four solutions and three tiered plans, with unlimited users and integrations included.

Information Technology Critical Manufacturing Blog
Recorded Future ·

Iran War: Future Scenarios and Business Implications

Energy Research (Insikt)
The Hacker News ·

Banks and financial institutions in Latin American countries like Brazil and Mexico have continued to be the target of a malware family called JanelaRAT. A modified version of BX RAT, JanelaRAT is...

Financial Services
The Register - Security ·

One was patched almost 14 years ago Crooks are exploiting four Microsoft vulnerabilities - one patched 14 years ago and another tied to ransomware activity - according to America's lead...

Information Technology Government Facilities
Threats | CyberScoop ·

The company said a developer tool automatically retrieved a malicious version of the popular open-source library, but insists the integrity of its systems and software were not impacted. The post...

Information Technology AI Cybersecurity
The Hacker News ·

The U.S. Federal Bureau of Investigation (FBI), in partnership with the Indonesian National Police, has dismantled the infrastructure associated with a global phishing operation that leveraged an...

Financial Services Government Facilities
Alerts and advisories ·

[Control systems] ABB security advisory (AV26-346)

Critical Manufacturing Energy