IM
IronMonkey Threat Research
LIVE
|
Articles 27,084
|
CVEs 348,613
|
APT Groups 800
|
Tools 2,196
|
Updated recently
Today Yesterday All 27,052 articles — Page 356 of 902
Cloud Threat Landscape ·

ShadowRay 2.0 targets Ray clusters whose dashboard / Jobs API is exposed without authentication. Attackers first use interact.sh (oast.fun) for out-of-band discovery, posting test jobs to...

Information Technology
The Register - Security ·

Using AI to attack AI updated Malefactors are actively attacking internet-facing Ray clusters and abusing the open source AI framework to spread a self-replicating botnet that mines for...

Financial Services
The Hacker News ·

Meta on Tuesday said it has made available a tool called WhatsApp Research Proxy to some of its long-time bug bounty researchers to help improve the program and more effectively research the...

The Hacker News ·

Cybersecurity researchers have disclosed details of a cyber attack targeting a major U.S.-based real-estate company that involved the use of a nascent command-and-control (C2) and red teaming...

Commercial Facilities Information Technology
The Hacker News ·

Suspected espionage-driven threat actors from Iran have been observed deploying backdoors like TWOSTROKE and DEEPROOT as part of continued attacks aimed at aerospace, aviation, and defense...

Defense Industrial Base Information Technology
The Register - Security ·

Regulator sides with telcos that claimed new cybersecurity duties were too ‘burdensome’ The Federal Communications Commission (FCC) will vote this week on whether to scrap Biden-era cybersecurity...

Salt Typhoon Communications Government Facilities
Cyber Security Advisories - MS-ISAC ·

Multiple vulnerabilities have been discovered in Fortinet products, the most severe of which could allow for arbitrary code execution. FortiClient for Windows is a unified endpoint security...

The Register - Security ·

When? Sean Cairncross wouldn't say America is fed up with being the prime target for foreign hackers. So US National Cyber Director Sean Cairncross says Uncle Sam is going on the offensive – he...

The Register - Security ·

Seventh Chrome 0-day this year Google pushed an emergency patch on Monday for a high-severity Chrome bug that attackers have already found and exploited in the wild.…

Critical Manufacturing
The Hacker News ·

You’ve probably already moved some of your business to the cloud—or you’re planning to. That’s a smart move. It helps you work faster, serve your customers better, and stay ahead. But as your...

Information Technology Commercial Facilities
The Hacker News ·

Identity security fabric (ISF) is a unified architectural framework that brings together disparate identity capabilities. Through ISF, identity governance and administration (IGA), access...

Information Technology Energy
The Hacker News ·

Cybersecurity researchers have discovered a set of seven npm packages published by a single threat actor that leverages a cloaking service called Adspect to differentiate between real victims and...

Information Technology Financial Services
CERT Polska ·

An improper neutralization of input data has been detected in Times Software E-Payroll, resulting in the possibility of a DoS attack and (potentially) SQL Injection (CVE-2025-9977).

CVE vulnerability
eCrime.ch Ransomware News | RSS ·

Ransomware and associated data extortion continue to pose a significant threat to organisations of all types in Switzerland. In the first half of 2025, the NCSC received 57 reports of ransomware...

Financial Services Commercial Facilities
LevelBlue Blogs ·

CPT vs. Bounties: CPT is a time-boxed, structured test for compliance reports with a fixed cost. Bug Bounty is ongoing, open-ended discovery paid per valid vulnerability found. Mitigate Key Risks:...

Transportation Systems
Security Latest ·

By plugging tens of billions of phone numbers into WhatsApp’s contact discovery tool, researchers found “the most extensive exposure of phone numbers” ever—along with profile photos and more.

Healthcare and Public Health Security Security / Privacy
Blog ·

Cybereason Threat Intelligence Team recently conducted an analysis of "The Gentlemen" ransomware group, which emerged around July 2025 as a ransomware threat actor group with relatively advanced...

Information Technology Ransomware Research
The Hacker News ·

Microsoft on Monday disclosed that it automatically detected and neutralized a distributed denial-of-service (DDoS) attack targeting a single endpoint in Australia that measured 5.72 terabits per...

Information Technology Commercial Facilities
The Register - Security ·

They can probably set up a printer faster, but look elsewhere for cryptography advice Gen Z can get off their digital high horses because their passwords are no more secure than their grandparents'.…

Schneier on Security ·

Social media has been a familiar, even mundane, part of life for nearly two decades. It can be easy to forget it was not always that way. In 2008, social media was just emerging into the...

Communications Chemical Uncategorized AI
CERT Polska ·

CERT Polska has received a report about 8 vulnerabilities (from CVE-2025-59110 to CVE-2025-59117) found in Windu CMS software.

CVE vulnerability
Cyble Podcast | Cybersecurity & Threat Intelligence Insights ·

Patch Tuesday week yielded nearly 1,000 vulnerabilities from Microsoft and other vendors. Here are some important ones to focus on. Cyble Vulnerability Intelligence researchers tracked 971...

Critical Manufacturing Government Facilities Cyber news Threat Intelligence
Cisco Talos Blog ·

Today, Cisco Talos is introducing new capabilities for Snort3 users within Cisco Secure Firewall to give you greater flexibility in how you manage, organize, and prioritize detection rules.

Critical Manufacturing Snort On The Radar
The Hacker News ·

Google on Monday released security updates for its Chrome browser to address two security flaws, including one that has come under active exploitation in the wild. The vulnerability in question is...

Information Technology Commercial Facilities
Tenable Blog ·

Tenable has launched Tenable Cloud Vulnerability Management — a powerful new offering within Tenable One — to help vulnerability management leaders identify, prioritize, and remediate exposures...

Information Technology Energy
BleepingComputer ·

Cloudflare is investigating an outage affecting its global network services, with users encountering "internal server error" messages when attempting to access affected websites and online platforms. [...]

Information Technology Communications Technology
BleepingComputer ·

Google has released an emergency security update to fix the seventh Chrome zero-day vulnerability exploited in attacks this year. [...]

Financial Services Security Google
Recorded Future ·

Struggling with vulnerability overload? Learn why CVSS scores alone aren't enough—and how a three-pillar framework using real-world threat intel, environmental context, and organizational...

Critical Manufacturing Financial Services Blog
The Hacker News ·

Cybersecurity researchers have discovered malware campaigns using the now-prevalent ClickFix social engineering tactic to deploy Amatera Stealer and NetSupport RAT. The activity, observed this...

Information Technology Commercial Facilities
The Register - Security ·

Aisuru botnet strikes again, bigger and badder Azure was hit by the "largest-ever" cloud-based distributed denial of service (DDoS) attack, originating from the Aisuru botnet and measuring 15.72...

Communications Defense Industrial Base