IM
IronMonkey Threat Research
LIVE
|
Articles 27,087
|
CVEs 348,665
|
APT Groups 800
|
Tools 2,196
|
Updated recently
Today Yesterday All 27,055 articles — Page 398 of 902
Cyber Security Advisories - MS-ISAC ·

Multiple vulnerabilities have been discovered in Mozilla products, the most severe of which could allow for arbitrary code execution.*Mozilla Firefox is a web browser used to access the...

Information Technology
The Register - Security ·

Recovery feature lets trusted contacts help you get back in when other methods fail The latest security feature for Gmail enables users to recover their accounts with a little help from their friends.…

Cyber Security Advisories - MS-ISAC ·

Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution. Adobe Connect is a software suite for online collaboration.Adobe...

Transportation Systems
Cyber Security Advisories - MS-ISAC ·

A vulnerability has been discovered in Oracle E-Business Suite, which could allow for remote code execution. Oracle E-Business Suite (EBS) is a comprehensive suite of integrated business...

Communications
Security Latest ·

Former GOP operative Scott Leiendecker just bought Dominion Voting Systems, giving him ownership of voting systems used in 27 states. Election experts have concerns.

Communications Healthcare and Public Health Security Security / Security News
Threat Intelligence ·

Written by: Blas Kojusner, Robert Wallace, Joseph Dobson Google Threat Intelligence Group (GTIG) has observed the North Korea (DPRK) threat actor UNC5342 using ‘EtherHiding’ to deliver malware and...

Financial Services Commercial Facilities Threat Intelligence
Threat Intelligence ·

Written by: Mark Magee, Jose Hernandez, Bavi Sadayappan, Jessa Valdez Since late 2023, Mandiant Threat Defense and Google Threat Intelligence Group (GTIG) have tracked UNC5142, a financially...

Information Technology Financial Services Threat Intelligence
The Cloudflare Blog ·

There's no way to audit a site’s client-side code as it changes, making it hard to trust sites that use cryptography. We preview a specification we co-authored that adds auditability to the web.

Security Malicious JavaScript
The Register - Security ·

Flaw in Kestrel web server allowed request smuggling, impact depends on hosting setup and application code Microsoft has patched an ASP.NET Core vulnerability with a CVSS score of 9.9, which...

BleepingComputer ·

Microsoft has disrupted a wave of Rhysida ransomware attacks in early October by revoking over 200 certificates used to sign malicious Teams installers. [...]

Critical Manufacturing Healthcare and Public Health Microsoft Security
The Register - Security ·

Bill Cassidy letter asks if Switchzilla sat on critical flaws before feds were forced into emergency patching US Senator Bill Cassidy has fired off a pointed letter to Cisco over the firewall...

Government Facilities Communications
DataBreaches.Net ·

Here’s a must-read post, especially if you read and repeated claims that DragonForce, Qilin, and LockBit have formed some kind of cartel. Marco A. De Felice writes on SuspectFile: In the recently...

ShinyHunters Transportation Systems Commentaries and Analyses Malware
CERT Polska ·

Insufficient Session Expiration vulnerability (CVE-2025-3930) has been found in Strapi software.

CVE vulnerability
The Register - Security ·

Alert says financial account information lifted from systems Auction house Sotheby's says it was breached on July 24, and those behind the intrusion stole an unspecified amount of data, including...

BleepingComputer ·

​​​​​Microsoft reminded customers this week that Office 2016 and Office 2019 have reached the end of extended support on October 14, 2025. [...]

Healthcare and Public Health Microsoft
The Register - Security ·

GenAI meets Gen Z – only one gets the job ai-pocalypse The UK tech sector is cutting graduate jobs dramatically – down 46 percent in the past year, with another 53 percent drop projected,...

Energy
BleepingComputer ·

Gladinet has released security updates for its CentreStack business solution to address a local file inclusion vulnerability (CVE-2025-11371) that threat actors have leveraged as a zero-day since...

Security
Schneier on Security ·

CNN has a great piece about how cryptocurrency ATMs are used to scam people out of their money. The fees are usurious, and they’re a common place for scammers to send victims to buy cryptocurrency...

Financial Services Uncategorized ATMs
DataBreaches.Net ·

Nicole Aljet reports an update on a data breach that had been disclosed by Regal Medical Group in February 2023. Current and former patients who received a notice in early 2023 stating a data...

ShinyHunters Healthcare and Public Health Transportation Systems Health Data Malware
DataBreaches.Net ·

Stewart Lewis reports: Operations at the Kelowna, B.C., airport (YLW) were disrupted Tuesday evening after its passenger information screens and public address systems were overtaken in a...

ShinyHunters Transportation Systems cyberwar
DataBreaches.Net ·

Greg Otto reports: F5, a company that specializes in application security and delivery technology, disclosed Wednesday that it had been the target of what it’s calling a “highly sophisticated”...

ShinyHunters Emergency Services Transportation Systems cyberwar Of Note
DataBreaches.Net ·

Resecurity has published a new report, “Qilin Ransomware and the Ghost Bulletproof Hosting Conglomerate.” Here is the introduction: The following Resecurity report will explore the Qilin...

Critical Manufacturing Commentaries and Analyses Malware
DataBreaches.Net ·

Lauren Giella reports: Oklahoma health system Integris Health reached a $30 million settlement in a data breach class action lawsuit that impacted over two million people over two years ago. This...

Healthcare and Public Health Financial Services Health Data U.S.
DataBreaches.Net ·

Yonhap News reports: The Ministry of Science and ICT said Monday it has asked the police to investigate allegations that KT obstructed a government probe into the company’s unauthorized mobile...

ShinyHunters Transportation Systems Financial Services Business Sector Commentaries and Analyses
DataBreaches.Net ·

Lawrence Abrams reports: Oracle has silently fixed an Oracle E-Business Suite vulnerability (CVE-2025-61884) that was actively exploited to breach servers, with a proof-of-concept exploit publicly...

ShinyHunters Transportation Systems Business Sector Hack
BleepingComputer ·

CISA has warned that attackers are actively exploiting a maximum-severity vulnerability in Adobe Experience Manager to execute code on unpatched systems. [...]

Government Facilities Information Technology Security
Cisco Talos Blog ·

Cisco Talos has uncovered a new attack linked to Famous Chollima, a threat group aligned with North Korea (DPRK).

Financial Services Energy Threats SecureX
BleepingComputer ·

Traditional MDR focuses on reacting to attacks already in motion — but modern threats demand prevention. Picus Security explains how Unified Exposure Management Platforms continuously identifies,...

Financial Services Transportation Systems Security
Cisco Talos Blog ·

Laura opens up about her journey through various cybersecurity roles, her leap into incident response, and what it feels like to support customers during their toughest moments — including...

Humans of Talos
Tenable Blog ·

Tenable Research found two flaws in SimpleHelp’s remote-support tool that can be chained together to gain remote code execution on clients' devices. SimpleHelp has patched them: CVE-2025-36728 in...

Information Technology Energy