The Business of Secrets: Adventures in Selling Encryption Around the World by Fred Kinch (May 24, 2004) From the vantage point of today, it’s surreal reading about the commercial cryptography...
Operation Endgame also takes down Elysium and VenomRAT infrastructure International cops have pulled apart the Rhadamanthys infostealer operation, seizing 1,025 servers tied to the malware in...
Posted by Jeff Vander Stoep, Android Last year, we wrote about why a memory safety strategy that focuses on vulnerability prevention in new code quickly yields durable and compounding gains. This...
Synnovis's 18-month forensic review of Qilin intrusion completed, now affected patients to be notified Synnovis has finally wrapped up its investigation into the 2024 ransomware attack that...
In August 2025, Cisco Talos observed big-game hunting and double extortion attacks carried out by Kraken, a Russian-speaking group that has emerged from the remnants of the HelloKitty ransomware cartel.
The Washington Post is notifying nearly 10,000 employees and contractors that some of their personal and financial data has been exposed in the Oracle data theft attack. [...]
Cybersecurity researchers are calling attention to a large-scale spam campaign that has flooded the npm registry with thousands of fake packages since early 2024 as part of a likely financially...
Between 10 and 13 November 2025, the latest phase of Operation Endgame was coordinated from Europol's headquarters in The Hague. The actions targeted one of the biggest infostealer Rhadamanthys,...
Elastic has released a security advisory addressing an origin validation error in Kibana that could expose systems to Server-Side Request Forgery (SSRF) attacks. The vulnerability, tracked as...
Kerberoasting attacks let hackers steal service account passwords and escalate to domain admin, often without triggering alerts. Specops Software shares how auditing AD passwords, enforcing long...
Look no further to learn how cybercriminals could try to crack your vault and how you can keep your logins safe
As organizations rush to deploy AI, enterprise defenses are struggling to keep up. This blog explores the emerging AI exposure gap — the widening divide between innovation and protection — and...
Microsoft is rolling out a new Teams feature for Premium customers that will automatically block screenshots and recordings during meetings. [...]
ransomware attacks in October 2025 " data-image-caption="" data-medium-file="https://cyble.com/wp-content/uploads/2025/11/ransomware-attacks-in-October-2025-300x150.webp"...
Amazon’s threat intelligence division has revealed a cyber-espionage campaign involving an advanced persistent threat (APT) group exploiting previously undisclosed zero-day vulnerabilities in...
Uhale Android-based digital picture frames come with multiple critical security vulnerabilities and some of them download and execute malware at boot time. [...]
Dell Technologies has disclosed a critical security vulnerability affecting its Data Lakehouse platform that could allow attackers with high-level privileges to escalate their access and...
CISA warned federal agencies to fully patch two actively exploited vulnerabilities in Cisco Adaptive Security Appliances (ASA) and Firepower devices. [...]
Introduction Redis is an open-source, in-memory data store widely used as a cache, message broker, and high-performance NoSQL database. It offers rich data structures like strings, hashes, lists,...
Law enforcement authorities from 9 countries have taken down 1,025 servers used by the Rhadamanthys infolstealer, VenomRAT, and Elysium botnet malware operations in the latest phase of Operation...
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting WatchGuard Firebox firewalls to its Known Exploited Vulnerabilities (KEV) catalog, warning...
Cloud Software Group has disclosed a cross-site scripting (XSS) vulnerability affecting NetScaler ADC and NetScaler Gateway platforms. The flaw, tracked as CVE-2025-12101, poses a moderate...
CISA has ordered federal agencies to patch an actively exploited vulnerability in WatchGuard Firebox firewalls, which allows attackers to gain remote code execution on compromised devices. [...]
Explore the latest third-party risk statistics and learn how data-driven, continuous monitoring for third-party risk assessments can protect your supply chain.
Researchers uncovered an advanced persistent threat (APT) exploiting zero-day vulnerabilities in Cisco Identity Services Engine (ISE) and Citrix systems (CitrixBleed2). The vulnerabilities,...
A cleanup month brings 63 patches… wait, no, 68… how about 61?
The Department of Homeland Security collected data on Chicago residents accused of gang ties to test if police files could feed an FBI watchlist. Months passed before anyone noticed it wasn’t deleted.
600+ phishing websites and 116 of these use a Google logo Google has filed a lawsuit against 25 unnamed China-based scammers, which it claims have stolen more than 115 million credit card numbers...
Google has filed a civil lawsuit in the U.S. District Court for the Southern District of New York (SDNY) against China-based hackers who are behind a massive Phishing-as-a-Service (PhaaS) platform...
Amazon's threat intelligence team on Wednesday disclosed that it observed an advanced threat actor exploiting two then-zero-day security flaws in Cisco Identity Service Engine (ISE) and Citrix...