IM
IronMonkey Threat Research
LIVE
|
Articles 27,088
|
CVEs 348,712
|
APT Groups 800
|
Tools 2,196
|
Updated recently
Today Yesterday All 27,056 articles — Page 306 of 902
Threat Research – Sophos News ·

The fake human verification process led to infostealer and ransomware infections

Energy Threat Research clickfix
Security Latest ·

The agency plans to renew a sweeping cybersecurity contract that includes expanded employee monitoring as the government escalates leak investigations and casts internal dissent as a threat.

Government Facilities Defense Industrial Base Security Security / Privacy
Cisco Talos Blog ·

This week, Joe laments on 2025, and what we can think of in 2026 in the wild world of cybersecurity.

Critical Manufacturing Threat Source newsletter
The Register - Security ·

'Within 10 minutes of gaining initial access, crypto miners were operational' Your AWS account could be quietly running someone else's cryptominer. Cryptocurrency thieves are using stolen Amazon...

Financial Services
The Hacker News ·

This week’s ThreatsDay Bulletin tracks how attackers keep reshaping old tools and finding new angles in familiar systems. Small changes in tactics are stacking up fast, and each one hints at where...

Financial Services Information Technology
The Record from Recorded Future News ·

Of the $3.4 billion in crypto stolen from January to December, Chainalysis attributed at least $2.02 billion to North Korean hackers.

Lazarus Group Financial Services Critical Manufacturing Cybercrime Industry
Blue Team Archives - Black Hills Information Security, Inc. ·

By Troy Wojewoda During a recent Breach Assessment engagement, BHIS discovered a highly stealthy and persistent intrusion technique utilized by a threat actor to maintain Command-and-Control (C2)...

Active SOC Breach Assessment
The Register - Security ·

ByBit attack doing some seriously heavy lifting North Korea's yearly cryptocurrency thefts have accelerated, with Kim's state-backed cybercriminals plundering just over $2 billion worth of tokens in 2025.…

Financial Services Defense Industrial Base
Security Latest ·

Capable of creating “nearly perfect” face swaps during live video chats, Hoatian has made millions, mainly via Telegram. But its main channel vanished after WIRED's inquiry into scammers using the app.

Financial Services Energy Security Security / Security News
The Hacker News ·

Within the past year, artificial intelligence copilots and agents have quietly permeated the SaaS applications businesses use every day. Tools like Zoom, Slack, Microsoft 365, Salesforce, and...

Information Technology Financial Services
Schneier on Security ·

I’m sure there’s a story here: Sources say the man had tailgated his way through to security screening and passed security, meaning he was not detected carrying any banned items. The man deceived...

Uncategorized air travel
SECURITY.COM ·

Tool sprawl breeds gaps—platforms help close them

Transportation Systems
LevelBlue SpiderLabs Blog ·

LevelBlue SpiderLabs has discovered a vulnerability in the Orkes Conductor platform (version 5.2.4 | v1.19.12) that allows authenticated attackers to perform time-based blind SQL injection attacks...

Energy Financial Services Database Protection Security Research
LevelBlue SpiderLabs Blog ·

LevelBlue SpiderLabs has discovered a vulnerability in the Orkes Conductor platform (version 5.2.4 | v1.19.12) that allows authenticated attackers to perform time-based blind SQL injection attacks...

Financial Services Commercial Facilities Database Protection Security Research
The Register - Security ·

Flaw in remote-access appliance lets attackers chain bugs for root-level takeover SonicWall has warned customers of a zero-day flaw in its SMA 1000 remote-access appliance that's being actively...

Information Technology
CERT Polska ·

CERT Polska has received a report about 5 vulnerabilities (from CVE-2025-65007 to CVE-2025-65011) found in WODESYS WD-R608U router.

Critical Manufacturing CVE vulnerability
The Register - Security ·

Justice Department claims unlicensed exchange funneled ransomware profits US feds have dismantled a crypto laundering service that they say helped cybercrooks wash tens of millions of dollars in...

Government Facilities Financial Services
The Record from Recorded Future News ·

In a decision that only affects Pennsylvanians but could have privacy implications elsewhere, the state's Supreme Court ruled that police did not need a warrant to access a rape suspect's Google searches.

Communications Critical Manufacturing Government Privacy
The Hacker News ·

The North Korean threat actor known as Kimsuky has been linked to a new campaign that distributes a new variant of Android malware called DocSwap via QR codes hosted on phishing sites mimicking...

Information Technology Critical Manufacturing
The Register - Security ·

Around 2,000 GP practices use its products An NHS tech supplier is investigating a cyberattack that affected its systems in the early hours of Sunday.…

Healthcare and Public Health Financial Services
Articles – Threat Beat ·

Check Point Research tracks a sustained, highly capable espionage cluster, which it refers to as Ink Dragon, and is referenced in other reports as CL-STA-0049, Earth Alux, or REF7707. This cluster...

Earth Alux Energy Dams News
Articles – Threat Beat ·

While most workers believe they can spot a phishing attempt, nearly one-in-four under-35s would fall for a suspicious message if they thought it came from a colleague or boss. Four-in-five British...

Energy Dams News
Articles – Threat Beat ·

Generative AI systems can be developed with safeguards to prevent undesired and harmful use or protected by additional software. However, the National Institute of Standards and Technology (NIST)...

Energy Dams News
Articles – Threat Beat ·

A woman who allegedly pushed razor blades into loaves of bread at two Biloxi, Mississippi, Walmart stores was arrested on Tuesday. Camille Benson, 33, of Texas, has been charged with attempted...

Energy Dams News
CERT Polska ·

Authorization Bypass Through User-Controlled Key vulnerability (CVE-2025-10910) has been found in Govee devices with cloud connectivity firmware.

Information Technology CVE vulnerability
Articles – Threat Beat ·

Venezuela’s state-owned oil and natural gas company Petróleos de Venezuela (PDVSA) this week downplayed the impact of what appeared to be a major cyberattack, which it blamed on the U.S....

Energy Dams News
Articles – Threat Beat ·

Weeks of interruptions to Pulaski Electric System (PES) services for customers have been caused by a cyber attack, the utility provider revealed this week. “PES has learned that it was the victim...

Energy Dams News
The Register - Security ·

Security boffins say bug is already being used to deploy ransomware, as exploitation continues to surge across exposed servers Microsoft says attackers have already compromised "several hundred...

Articles – Threat Beat ·

Late into a nearly hour-long news conference, the head of King County’s Department of Natural Resources and Parks made a sobering statement about weak spots in the county’s levee system. “(There...

Energy Dams News
Cyber Security Advisories - MS-ISAC ·

A vulnerability has been discovered in Cisco AsyncOS, which could allow for remote code execution. AsyncOS is the operating system used by Cisco Secure Email Gateway and Cisco Secure Email and Web...

Communications Information Technology