IM
IronMonkey Threat Research
LIVE
|
Articles 27,087
|
CVEs 348,613
|
APT Groups 800
|
Tools 2,196
|
Updated recently
Today Yesterday All 27,055 articles — Page 298 of 902
The Hacker News ·

Trust Wallet on Tuesday revealed that the second iteration of the Shai-Hulud (aka Sha1-Hulud) supply chain outbreak in November 2025 was likely responsible for the hack of its Google Chrome...

Critical Manufacturing Financial Services
The Hacker News ·

The threat actor behind two malicious browser extension campaigns, ShadyPanda and GhostPoster, has been attributed to a third attack campaign codenamed DarkSpectre that has impacted 2.2 million...

Information Technology Financial Services
The Hacker News ·

IBM has disclosed details of a critical security flaw in API Connect that could allow attackers to gain remote access to the application. The vulnerability, tracked as CVE-2025-13915, is rated 9.8...

Financial Services Information Technology
The Hacker News ·

Cybersecurity researchers have disclosed details of what appears to be a new strain of Shai Hulud on the npm registry with slight modifications from the previous wave observed last month. The npm...

Information Technology Financial Services
The Register - Security ·

As in past incidents, ESA says the impact was limited to external systems The European Space Agency has suffered yet another security incident and, in keeping with past practice, says the impact...

Commercial Facilities Energy
Wiz Blog | RSS feed ·

We are introducing Zero Code Criticals and Zero Time to Respond clubs to give every team a clear north star for secure development and rapid response

Information Technology Energy
Schneier on Security ·

Interesting article on the variety of LinkedIn job scams around the world: In India, tech jobs are used as bait because the industry employs millions of people and offers high-paying roles. In...

Uncategorized fraud
Security Latest ·

Government staffing cuts and instability, including this year’s prolonged shutdown, could be hindering US digital defense and creating vulnerabilities.

Government Facilities Nuclear Security Security / National Security
The Hacker News ·

The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) on Tuesday removed three individuals linked to the Intellexa Consortium, the holding company behind a commercial...

Information Technology Financial Services
Security Latest ·

The United States’ plan for dealing with Putin’s Russia and Xi’s China remains ill-defined among a shifting global order. That must change.

Nuclear Energy Security Security / National Security
Cyble ·

Cyble Vulnerability Intelligence researchers tracked 1,782 vulnerabilities in the last week, the third straight week that new vulnerabilities have been growing at twice their long-term rate. Over...

Critical Manufacturing Information Technology Cyber news Vulnerability
The Register - Security ·

Funds in ‘Money Safe’ accounts are only available when customers appear for face-to-face verification Hong Kong’s banks have a new weapon against scams: Accounts that require customers to visit a...

Financial Services
The Register - Security ·

Pair became ALPHV affiliates to prey on US-based clients A ransomware negotiator and a security incident response manager have admitted to running ransomware attacks.…

ALPHV Healthcare and Public Health Financial Services
The Register - Security ·

Zohran Mamdani appears not to understand that smartphones can be used for evil New York’s mayor-elect Zohran Mamdani has invited the city’s residents to join him at a block party to celebrate his...

Communications
The Hacker News ·

The Cyber Security Agency of Singapore (CSA) has issued a bulletin warning of a maximum-severity security flaw in SmarterTools SmarterMail email software that could be exploited to achieve remote...

Information Technology Financial Services
The Register - Security ·

You didn't think you'd get to enjoy your time off without a major cybersecurity incident, did you? A high-severity MongoDB Server vulnerability, for which proofs of concept emerged over Christmas...

The Hacker News ·

The threat actor known as Silver Fox has turned its focus to India, using income tax-themed lures in phishing campaigns to distribute a modular remote access trojan called ValleyRAT (aka Winos...

Void Arachne Silver Fox Financial Services Information Technology
Wiz Blog | RSS feed ·

Wiz Research reveals the data behind Shai-Hulud's 2.0 long tail, the massive gap in cloud credential rotation, a potential link to the Trust Wallet incident, and how we finally "snipped the tail"...

Critical Manufacturing Commercial Facilities
The Hacker News ·

Artificial intelligence (AI) is making its way into security operations quickly, but many practitioners are still struggling to turn early experimentation into consistent operational value. This...

Information Technology Energy
The Hacker News ·

The Chinese hacking group known as Mustang Panda has leveraged a previously undocumented kernel-mode rootkit driver to deliver a new variant of backdoor dubbed TONESHELL in a cyber attack detected...

Mustang Panda Financial Services Information Technology
SECURITY.COM ·

A backstage pass to the moments that defined our 2025 cybersecurity tour

Energy Commercial Facilities
Wiz Blog | RSS feed ·

Outpacing React2Shell using pre-breach alerts from Wiz ASM to eliminate exploitable risk before attackers find them

Information Technology Transportation Systems
DataBreaches.Net ·

Eric T. Berkman reports: A software company could not face “downstream” liability for a data breach that resulted in an end-user having to settle a class action suit, the 1st U.S. Circuit Court of...

Financial Services Business Sector Commentaries and Analyses
DataBreaches.Net ·

Jonathan Greig reports: U.S. and Australian cyber agencies confirmed that hackers are exploiting a vulnerability that emerged over the Christmas holiday and is impacting data storage systems from...

Healthcare and Public Health Commercial Facilities Miscellaneous
DataBreaches.Net ·

Suzanne Smalley reports: France’s data protection regulator has fined the software company Nexpublica France €1.7 million ($2 million) for poor cybersecurity practices in the wake of a data...

Healthcare and Public Health Commercial Facilities Non-U.S.
DataBreaches.Net ·

Anna Isaac reports: They call it “stopping the bleeding”: the vital window to prevent an entire database from being ransacked by criminals or a production line grinding to a halt. When a call...

Scattered Spider Healthcare and Public Health Commercial Facilities Commentaries and Analyses Malware
Schneier on Security ·

Scammers are generating images of broken merchandise in order to apply for refunds.

Uncategorized AI
eCrime.ch Ransomware News | RSS ·

They call it “stopping the bleeding”: the vital window to prevent an entire database from being ransacked by criminals or a production line grinding to a halt. When a call comes into the...

Scattered Spider Commercial Facilities Emergency Services
The Register - Security ·

One cert, in plaintext, on thousands of devices, led to what looks like years of crime South Korea’s Ministry of Science and ICT has found that local carrier Korea Telecom (KT) deployed thousands...

Communications Defense Industrial Base
GitHub Security Lab Archives - The GitHub Blog ·

Learn why some long-enrolled OSS-Fuzz projects still contain vulnerabilities and how you can find them. The post Bugs that survive the heat of continuous fuzzing appeared first on The GitHub Blog.

Energy Security Vulnerability research