IM
IronMonkey Threat Research
LIVE
|
Articles 27,086
|
CVEs 348,613
|
APT Groups 800
|
Tools 2,196
|
Updated recently
Today Yesterday All 27,055 articles — Page 35 of 902
Wiz Blog | RSS feed ·

Part 1: How the Red Agent uncovered a multi-step attack chain allowing SSRF-to-Local-File-Read on a GCP Cloud Run API

Information Technology
Wiz Blog | RSS feed ·

An inside look at how the Red Agent, our AI-Powered Attacker, uncovers complex, exploitable risks in the wild

Information Technology
Tenable Blog ·

CISA’s new directive officially ends federal agencies’ reliance on static vulnerability scores. Learn how Tenable One helps federal agencies pivot to dynamic asset exposure, threat validation, and...

Government Facilities Information Technology
DoublePulsar - Medium ·

FortiBleed — 75k Fortinet firewalls have admin passwords crackedAn interesting post popped up on LinkedIn at the weekend from Voldymyr Diachenko saying plain text passwords were found in the wild...

Information Technology Communications fortibleed cybersecurity-news
SECURITY.COM ·

How SE Labs reinforces our belief that security should be tested and proven in the real world

Information Technology
The Hacker News ·

As many as 145 npm packages associated with the Mastra namespace ("@mastra/*"), a popular open-source JavaScript and TypeScript framework for building artificial intelligence (AI) applications,...

Cybersecurity Blog | SentinelOne ·

SentinelOne’s Purple AI Agentic Investigation, now GA, solves the SOC investigation capacity gap with zero-click, machine-speed alert analysis.

Information Technology Company agentic investigation
www.theregister.com - Articles ·

15-year-old among six arrested after Dutch cops target suspected bank fraud call center

Financial Services cyber-crime
The Hacker News ·

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a maximum-severity security flaw impacting Widget Factory Joomla Content Editor (JCE) to its Known Exploited...

Schneier on Security ·

On 14 April, the Trump administration quietly acknowledged the widespread use of AI to automate government processes. The office of management and budget (OMB) disclosed a staggering 3,611 active...

CIA Government Facilities Information Technology Uncategorized AI
WeLiveSecurity ·

Many manufacturing plants depend on OT systems that stay in service for many years. That long run can hide significant cybersecurity risks.

Energy Water Critical Infrastructure
www.theregister.com - Articles ·

Bitter harvest for Australia's Mackay Sugar, attacked in peak cane crushing season

cyber-crime
@BushidoToken Threat Intel ·

What HappenedThroughout May 2026, affiliates of the DragonForce ransomware-as-a-service (RaaS) platform claimed seven UK-based companies as its victims by posting them on their Tor data leak...

ALPHV Scattered Spider Healthcare and Public Health Commercial Facilities DragonForce ransomware
The Hacker News ·

A flaw in the Google Cloud Vertex AI SDK for Python let an attacker with no access to a victim's project hijack the victim's machine learning model upload and run code inside Google's serving...

Recorded Future ·

Explore the state digital surveillance risk landscape. Learn how governments use spyware, AI, and network interception to monitor travelers and how to mitigate these risks.

Information Technology Communications Research (Insikt)
Cloud Threat Landscape ·

On 17 June 2026, attackers compromised a maintainer account associated with the Mastra npm organization and used it to republish 116 packages over a 27-minute period. Rather than modifying...

Information Technology
The Hacker News ·

Cybersecurity researchers have flagged multiple ClickFix campaigns that deliver three malware loaders called BabaDeda Loader, Lorem Ipsum Loader, and Potemkin, per independent reports from...

www.theregister.com - Articles ·

I'm sorry, Dave. I can't install that repo that will totally hose your system

Information Technology ai and ml
www.theregister.com - Articles ·

All have patches, so make sure you upgrade to a fixed version

Information Technology security
Security Latest ·

More than 200 of the world's elites registered for a retreat whose agenda runs from panels on cult-building and sex to prepping for World War III. An associated app offers matchmaking.

Government Facilities Security Security / Cyberattacks and Hacks
The Hacker News ·

Security researchers at Zimperium's zLabs have documented a new Android banking trojan, Rokarolla, that targets 217 banking and cryptocurrency apps and packs 137 remote commands. Together, they...

Financial Services Information Technology
Security Latest ·

The US government crackdown on Anthropic’s Claude Fable 5 and Mythos 5 hides a glaring truth: AI models with advanced hacking capabilities will soon be the norm.

Information Technology Security Security / Cyberattacks and Hacks
The Hacker News ·

Security teams have never had more IP data at their disposal. Every day, analysts ingest enrichment feeds, geolocation data, reputation scores, telemetry, and threat intelligence from a growing...

Information Technology
www.theregister.com - Articles ·

Custom malware routed communications through legitimate Microsoft services, making malicious activity look like routine corporate collaboration

Scattered Spider Information Technology cyber-crime
The Hacker News ·

Bad actors are exploiting multiple security vulnerabilities in Fortinet FortiSandbox, according to threat intelligence firm Defused Cyber. In a post shared on X, the company said it has observed...

The Record from Recorded Future News ·

Authorities said scammers previously exploited the feature by posting fake exam questions before the test and later replacing them with the real questions, making it look like they had leaked the...

Evil Corp Healthcare and Public Health Information Technology Cybercrime Government
Cyber Security Advisories - MS-ISAC ·

Multiple vulnerabilities have been discovered in Mozilla products, the most severe of which could allow for arbitrary code execution. Mozilla Firefox is a web browser used to access the...

Information Technology
Cyber Security Advisories - MS-ISAC ·

A vulnerability has been discovered in SimpleHelp, which could allow for authentication bypass. SimpleHelp is a self-hosted remote support, access, and monitoring software used by IT teams,...

Information Technology
The Hacker News ·

Cybersecurity researchers have flagged two previously undocumented Windows variants of what was believed to be a Linux-only backdoor called SprySOCKS. "The Windows variants discovered are...

www.theregister.com - Articles ·

Attackers used social engineering to access third-party business apps and steal patient information

Healthcare and Public Health cyber-crime