IM
IronMonkey Threat Research
LIVE
|
Articles 27,088
|
CVEs 348,712
|
APT Groups 800
|
Tools 2,196
|
Updated recently
Today Yesterday All 27,056 articles — Page 292 of 902
Articles – Threat Beat ·

About a year ago, the world learned of extensive intrusions into U.S. telecommunications networks, ultimately attributed to China. That was only the beginning of an investigation that led to the...

Defense Industrial Base Communications Insight
The Register - Security ·

Huntress analysis suggests VM escape bugs were already weaponized in the wild Chinese-linked cybercriminals were sitting on a working VMware ESXi hypervisor escape kit more than a year before the...

Information Technology
CERT Polska ·

CERT Polska has received a report about 4 vulnerabilities (from CVE-2025-66049 to CVE-2025-66052) found in Vivotek IP7137 camera.

CVE vulnerability
Schneier on Security ·

Palo Alto’s crosswalk signals were hacked last year. Turns out the city never changed the default passwords.

Uncategorized hacking
CERT Polska ·

Use of Hard-coded Credentials vulnerability (CVE-2025-7072) has been found in firmware of KAON routers CG3000T and CG3000TC.

CVE vulnerability
The Hacker News ·

The U.S. Federal Bureau of Investigation (FBI) on Thursday released an advisory warning of North Korean state-sponsored threat actors leveraging malicious QR codes in spear-phishing campaigns...

Kimsuky Velvet Chollima Black Banshee Financial Services Information Technology
Cyble ·

Cyble Vulnerability Intelligence researchers tracked 678 vulnerabilities in the last week, a decline from the high volume of new vulnerabilities observed in the last few weeks of 2025. Nearly 100...

Critical Manufacturing Information Technology Vulnerability Vulnerability Management
The Register - Security ·

Image generation paywalled on X after ministers and regulators start asking awkward questions Grok has yanked its image-generation toy out of the hands of most X users after the UK government...

eCrime.ch Ransomware News | RSS ·

Metro Pet Vet, with three offices in Lancaster County, is grappling with a ransomware attack that began earlier this week, affecting access to patient records and causing significant operational...

Healthcare and Public Health Financial Services
The Register - Security ·

As you should, when being told the only remedy is deleting everything and starting again On Call 2025 has ended and a new year is upon us, but The Register will continue opening Friday mornings...

Security Latest ·

Jonathan Ross told a federal court in December about his professional background, including “hundreds” of encounters with drivers during enforcement actions, according to testimony obtained by WIRED.

Government Facilities Information Technology Security Security / National Security
Recorded Future ·

Threat intelligence practitioners from Global Payments, Adobe, and Superhuman reveal how mature CTI programs transform data overload into strategic business value. Learn proven approaches to...

Blog
Threats | CyberScoop ·

Talha Tariq quickly found his company at the center of a fast-moving, high-stakes mitigation effort. The result: a bounty program, a cat-and-mouse patch fight, and a debate about open-source...

Energy Financial Services Cybersecurity Technology
The Hacker News ·

Cybersecurity researchers have disclosed details of a new campaign that uses WhatsApp as a distribution vector for a Windows banking trojan called Astaroth in attacks targeting Brazil. The...

Financial Services Information Technology
The Register - Security ·

Authentication is basically solved. Authorization is another thing entirely... CrowdStrike has signed a $740 million deal to buy identity security startup SGNL. The move underscores the growing...

Information Technology
Maxwell Dulin's Resources ·

The author of this post found an unintended way to solve a CTF challenge by exploiting a new cross-site leak (XSLeaks) technique. So, they made this into a standalone challenge for this CTF. The...

Maxwell Dulin's Resources ·

The author of this post had recently found an RCE in a VPN client called SuperShy. After finding this bug, they were curious about other services that exposed WebSockets locally on their system....

The Hacker News ·

A China-nexus threat actor known as UAT-7290 has been attributed to espionage-focused intrusions against entities in South Asia and Southeastern Europe. The activity cluster, which has been active...

Stone Panda Nomad Panda Communications Financial Services
Maxwell Dulin's Resources ·

Flow suffered a major hack of about $3.9M USD. This was not an application but an issue with the blockchain itself. No existing user balances were accessed; the attacker was able to duplicate...

Transportation Systems Healthcare and Public Health
Cisco Talos Blog ·

Talos' editor ditches the pressure of traditional New Year’s resolutions in favor of practical, in-the-moment changes, and finds more success by letting go of perfection. Plus, we break down the...

Commercial Facilities Communications Threat Source newsletter
The Register - Security ·

No reports of active exploitation … yet Cisco patched a bug in its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) products that allows remote attackers with...

The Hacker News ·

The internet never stays quiet. Every week, new hacks, scams, and security problems show up somewhere. This week’s stories show how fast attackers change their tricks, how small mistakes turn into...

MuddyWater Double Dragon Bronze Atlas Energy Financial Services
Threats | CyberScoop ·

Among the 66 international organizations the administration withdrew from are a handful that work on cybersecurity topics. The post Trump pulls US out of international cyber orgs appeared first on...

Commercial Facilities Geopolitics Privacy
The Hacker News ·

Chainguard, the trusted source for open source, has a unique view into how modern organizations actually consume open source software and where they run into risk and operational burdens. Across a...

Information Technology Financial Services
The Hacker News ·

Cisco has released updates to address a medium-severity security flaw in Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) with a public proof-of-concept (PoC) exploit....

Financial Services Information Technology
The Hacker News ·

Cybersecurity researchers have discovered three malicious npm packages that are designed to deliver a previously undocumented malware called NodeCordRAT. The names of the packages, all of which...

Financial Services Information Technology
CERT Polska ·

An issue allowing unauthorized access to medical records (CVE-2025-4596) was found in Asseco AMDX software.

Healthcare and Public Health CVE vulnerability
The Hacker News ·

Cybersecurity researchers have disclosed details of multiple critical-severity security flaws affecting Coolify, an open-source, self-hosting platform, that could result in authentication bypass...

Financial Services Information Technology
Wiz Blog | RSS feed ·

Learn what you can do today to prepare for Q-Day

Information Technology Government Facilities
The Register - Security ·

Cop wins hit crime infrastructure, not the people behind it If 2025 was meant to be the year ransomware started dying, nobody appears to have told the attackers.…