IM
IronMonkey Threat Research
LIVE
|
Articles 27,086
|
CVEs 348,613
|
APT Groups 800
|
Tools 2,196
|
Updated recently
Today Yesterday All 27,055 articles — Page 375 of 902
Articles – Threat Beat ·

On the night of June 20, 2025, the Nigerien village of Manda became the stage for one of the deadliest massacres in the Sahel in recent memory. As dozens of worshippers gathered at a mosque for...

Healthcare and Public Health Energy News
The Hacker News ·

Google's artificial intelligence (AI)-powered cybersecurity agent called Big Sleep has been credited by Apple for discovering as many as five different security flaws in the WebKit component used...

Critical Manufacturing
Vulnerability Archives - GBHackers Security | #1 Globally Trusted Cyber Security News Platform ·

A critical vulnerability has been discovered in the Post SMTP WordPress plugin, affecting over 400,000 active installations across the web. The vulnerability, identified as CVE-2025-11833 with a...

Financial Services Information Technology cyber security Cyber Security News
Articles – Threat Beat ·

Super Quik, a US regional gas station chain, has been hit by Russia-linked attackers, who leaked security camera footage and a tranche of internal documents on the dark web. Super Quik, a US...

Energy Healthcare and Public Health News
Articles – Threat Beat ·

The Trump administration is helping to assemble a coalition of allies and partners to trade critical minerals and buffer Beijing’s control of supply global chains, Interior Secretary Doug Burgum...

Healthcare and Public Health Energy News
Articles – Threat Beat ·

Attackers are abusing Amazon Web Services’ (AWS) Simple Email Service (SES) via legitimate open source tools to steal credentials and infiltrate organizations to execute network reconnaissance. In...

Healthcare and Public Health Energy News
The Hacker News ·

Federal prosecutors in the U.S. have accused a trio of allegedly hacking the networks of five U.S. companies with BlackCat (aka ALPHV) ransomware between May and November 2023 and extorting them....

Healthcare and Public Health Critical Manufacturing
The Register - Security ·

France-based victims hit especially hard, while UK named most-targeted country generally Researchers are seeing a "dramatic" increase in cybercrime involving physical violence across Europe, with...

Bitwise Spider Scattered Spider Commercial Facilities Financial Services
Vulnerability Archives - GBHackers Security | #1 Globally Trusted Cyber Security News Platform ·

Google has released an urgent security alert addressing a critical remote code execution vulnerability affecting Android devices worldwide. The vulnerability, tracked as CVE-2025-48593, exists in...

Critical Manufacturing Financial Services Android CVE/vulnerability
The Register - Security ·

Redmond uncovers SesameOp, a backdoor hiding its tracks by using OpenAI’s Assistants API as a command channel Hackers have found a new use for OpenAI's Assistants API – not to write poems or code,...

Information Technology
Schneier on Security ·

Microsoft is warning of a scam involving online payroll systems. Criminals use social engineering to steal people’s credentials, and then divert direct deposits into accounts that they control....

Financial Services Uncategorized banking
BleepingComputer ·

The Swedish Authority for Privacy Protection (IMY) is investigating a cyberattack on IT systems supplier Miljödata that exposed data belonging to 1.5 million people. [...]

Financial Services Security Legal
BleepingComputer ·

Japanese publishing giant Nikkei announced earlier today that its Slack messaging platform had been compromised, exposing the personal information of over 17,000 employees and business partners. [...]

Financial Services Security
The Hacker News ·

Microsoft has disclosed details of a novel backdoor dubbed SesameOp that uses OpenAI Assistants Application Programming Interface (API) for command-and-control (C2) communications. "Instead of...

Critical Manufacturing
Tenable Blog ·

Discover how the latest NERC CIP standard for Internal Network Security Monitoring (INSM) shifts the focus inside your network, and how Tenable can help deliver the comprehensive visibility...

Critical Manufacturing Information Technology
BleepingComputer ·

European law enforcement authorities have arrested nine suspected money launderers who set up a cryptocurrency fraud network that stole over €600 million ($689 million) from victims across...

Financial Services Security
BleepingComputer ·

Attackers exploit web browsers' built-in behaviors to steal credentials, abuse extensions, and move laterall, slipping past traditional defenses. Learn from Keep Aware how browser-layer visibility...

Information Technology Financial Services Security
WeLiveSecurity ·

Think you could never fall for an online scam? Think again. Here's how scammers could exploit psychology to deceive you – and what you can do to stay one step ahead

Video
BleepingComputer ·

The Russian hacker group Curly COMrades has been abusing Microsoft's Hyper-V virtualization technology in Windows to bypass endpoint detection and response solutions by creating a hidden Alpine...

Information Technology Energy Security
BleepingComputer ·

​Microsoft says the October 2025 updates trigger incorrect end-of-support warnings on Windows 10 systems with active security coverage or still under active support. [...]

Microsoft
eCrime.ch Ransomware News | RSS ·

South Korea’s major mobile carrier, SK Telecom, told shareholders that recovery costs and other losses tied to a data breach earlier this year led to a 90 percent drop in operating profit for the...

Communications Financial Services
The Register - Security ·

South Korea's president laughed, so perhaps it was funny? Unlike China's censorship and snooping Chinese president Xi Jinping has joked that smartphones from Xiaomi might include backdoors.…

Salt Typhoon Communications
[DO NOT USE] SpiderLabs Blog ·

Trustwave SpiderLabs team is tracking the consolidation of three well-known threat groups into a “federated alliance” that offers Extortion-as-a-Service.

Scattered Spider ShinyHunters Energy Commercial Facilities Vulnerabilities Data Breach
Maxwell Dulin's Resources ·

The author discusses how different syntaxes by different parsers can lead to security issues. URLs, URIs, content disposition headers, Unicode, etc. are great examples of this. In Python, the...

Maxwell Dulin's Resources ·

This is a large article with trends from the HackerOne platform. Enjoy! The vulnerability classes section is interesting. Access control issues have increased by 18% (IAC) and 29% (IDOR), while...

Financial Services Government Facilities
The Register - Security ·

55 cuffed last week after court ruled sting operation was legal Australian police last week made 55 arrests using evidence gathered with a backdoored messaging app that authorities distributed in...

Communications
Maxwell Dulin's Resources ·

In GitLab, you can specify a server for Sentry to generate function buttons for error tracking lists. By configuring the error information, you can modify the routing of subsequent requests to...

Maxwell Dulin's Resources ·

In a previous blog post, Doyensec detailed how to exploit CSPT to perform CSRF by using file uploads to transfer data for routing in a subsequent request. In their example, there were no...

Government Facilities
BleepingComputer ·

Threat actors are targeting a critical vulnerability in the JobMonster WordPress theme that allows hijacking of administrator accounts under certain conditions. [...]

Financial Services Security
RSS Feed ·

“You can’t handle the truth!” –Col. Jessup played by Jack Nicholson in the 1992 movie “A Few Good Men“ Many think that if they could just get closer to the data that they will somehow discover...

Critical Manufacturing Water General Topic