IM
IronMonkey Threat Research
LIVE
|
Articles 27,090
|
CVEs 348,712
|
APT Groups 800
|
Tools 2,196
|
Updated recently
Today Yesterday All 27,058 articles — Page 419 of 902
Maxwell Dulin's Resources ·

This is a Cross-Site (XS) Leaks CTF challenge with a couple of nifty tricks. The user creates a page with HTML injection that the admin then clicks on using a tool like Selenium. The goal is to...

maxwelldulin ·

FreePBX is a web-based GUI for managing the Asterisk VoIP phone system. The application is easily set up on a local network and is built on PHP. The ability to access this would result in the...

Salt Typhoon Communications Energy
maxwelldulin ·

In the middle of 2025, Sean Heelan made a post describing the usage of an LLM to find a use-after-free vulnerability in the Linux Kernel that was similar to an existing bug. In the post, Sean...

Energy
Wiz Blog | RSS feed ·

When common processes start asking the wrong questions

Information Technology
DataBreaches.Net ·

Update: ShinyHunters has provided DataBreaches with some data related to the attack on Stellantis, which they now are claiming responsibility for. They tell DataBreaches that the attack was...

Scattered Spider Healthcare and Public Health Transportation Systems Business Sector Subcontractor
DataBreaches.Net ·

Christian Encila reports: According to Bloomberg and several other news outlets, Crypto.com has pushed back against a report that a 2023 breach exposed user details and was kept from authorities....

Scattered Spider Healthcare and Public Health Transportation Systems Hack
CERT Polska ·

Missing Authentication for Critical Function vulnerability (CVE-2025-9983) has been found in GALAYOU G2 software.

CVE vulnerability
BleepingComputer ·

Mozilla has announced a new feature that enables Firefox extension developers to roll back to previously approved versions, allowing them to quickly address critical bugs and issues. [...]

Financial Services Software Security
Research & Threat Intel News- Outpost24 Blog ·

In July 2025, pro-Palestinian hacktivist group zerodayx1 launched its own Ransomware-as-a-Service (RaaS) operation, following the path of other hacktivist teams. They loudly announced the...

Information Technology Financial Services Research & Threat Intel
BleepingComputer ·

LastPass is warning users of a campaign that targets macOS users with malicious software impersonating popular products delivered through fraudulent GitHub repositories. [...]

Security
Kaspersky ICS CERT (English) ·

The region with high risk of targeted attacks against the technological infrastructures of industrial enterprises

Critical Manufacturing Publications
WeLiveSecurity ·

What you see is not always what you get as cybercriminals increasingly weaponize SVG files as delivery vectors for stealthy malware

Financial Services Government Facilities Malware
BleepingComputer ·

Phishing isn't just email anymore. Attackers now use social media, chat apps & malicious ads to steal credentials. Push Security explains the latest tactics and shows how to stop multi-channel...

Scattered Spider Information Technology Financial Services Security
BleepingComputer ·

Microsoft has confirmed a known issue that prevents some apps from playing Digital Rights Management (DRM) protected video content or displaying and recording live TV. [...]

Microsoft
EclecticIQ Blog ·

Executive Summary EclecticIQ analysts assess with high confidence that ShinyHunters is expanding its operations by combining AI-enabled voice phishing, supply chain compromises, and leveraging...

Scattered Spider ShinyHunters Lead Financial Services Commercial Facilities Intelligence Research
Kaspersky ICS CERT (English) ·

The percentage of threats from email clients increased significantly in South America, and from the internet – in North America (Canada). The review of key cybersecurity issues in these regions.

Critical Manufacturing Publications
Security Latest ·

The UK-based automaker has been forced to stop vehicle production as a result of the attack—costing JLR tens of millions of dollars and forcing its parts suppliers to lay off workers.

Scattered Spider Critical Manufacturing Communications Security Security / Cyberattacks and Hacks
BleepingComputer ·

A gamer seeking financial support for cancer treatment lost $32,000 after downloading from Steam a verified game named BlockBlasters that drained his cryptocurrency wallet. [...]

Financial Services Security CryptoCurrency
Automation.com - All Industrial Automation News and Products ·

Environmental monitoring should be considered a foundational element of any data center management strategy.

Information Technology Energy
Automation.com - All Industrial Automation News and Products ·

The difference between milliseconds and minutes in data latency can determine whether operations continue smoothly or grind to a halt.

Critical Manufacturing Information Technology
DataBreaches.Net ·

On September 17, the Pennsylvania Attorney General’s Office posted the following update to a ransomware attack it initially disclosed on August 11. HARRISBURG — The Office of Attorney General is...

Scattered Spider Healthcare and Public Health Transportation Systems Government Sector Malware
DataBreaches.Net ·

“Goodbye isn’t the end. It’s the beginning of what happens next.” — Joshua Shaw Reading the news, I see some headlines suggesting that “Scattered LAPSUS$ Hunters” lied in their “Goodbye” message....

Scattered Spider Transportation Systems Financial Services Business Sector Commentaries and Analyses
BleepingComputer ·

A critical combination of legacy components could have allowed complete access to the Microsoft Entra ID tenant of every company in the world. [...]

Information Technology Security
Have I Been Pwned latest breaches ·

In October 2021, the now defunct Arabic language Anime website Animeify suffered a data breach that was later redistributed as part of a larger corpus of data. The data included 808k unique email...

Financial Services
BleepingComputer ·

The Royal Canadian Mounted Police has shut down the TradeOgre cryptocurrency exchange and seized more than $40 million believed to originate from criminal activities. [...]

Financial Services Security CryptoCurrency
Zero-Day Archives - Cyber Security News ·

The cybersecurity landscape in 2025 has been marked by an unprecedented surge in zero-day vulnerabilities actively exploited by threat actors. According to recent data, more than 23,600...

Commercial Facilities Information Technology Cyber Security Cyber Security News
DataBreaches.Net ·

Sabine Siebold, Christoph Steitz and Muvija M report: A cyberattack on a provider of check-in and boarding systems has disrupted operations at several major European airports including London’s...

Transportation Systems Defense Industrial Base Business Sector Non-U.S.
Security Latest ·

Plus: An investigation reveals how US tech companies reportedly helped build China’s sweeping surveillance state, and two more alleged members of the Scattered Spider hacking group were arrested.

Scattered Spider Critical Manufacturing Defense Industrial Base Security Security / Cyberattacks and Hacks
DataBreaches.Net ·

Corey Levitan reports: A teenage boy suspected of involvement in the 2023 cyberattacks that disrupted the two largest Las Vegas casino companies has surrendered to authorities, according to the...

Commercial Facilities Business Sector Malware
Threats | CyberScoop ·

The vendor didn’t provide evidence of active exploitation, yet experts said it’s only a matter of time before that changes. The post Researchers raise alarm over maximum-severity defect in...

Salt Typhoon Technology Threats