Cybersecurity researchers have detailed two now-patched security flaws in SAP Graphical User Interface (GUI) for Windows and Java that, if successfully exploited, could have enabled attackers to...

Now built into Avast Free Antivirus and Avast Premium Security, the AI-driven scam protection warns you about suspicious websites, messages, emails, and more.

Unit 42 details recent Iranian cyberattack activity, sharing direct observations. Tactical and strategic recommendations are provided for defenders. The post Threat Brief: Escalation of Cyber Risk...

Threat actors are abusing the ConnectWise ScreenConnect installer to build signed remote access malware by modifying hidden settings within the client's Authenticode signature. [...]

In a significant bipartisan effort, key U.S. lawmakers today introduced the "No Adversarial AI Act," legislation designed to erect a critical firewall between U.S. federal agencies and artificial...

A sophisticated malicious campaign that researchers call OneClik has been leveraging Microsoft's ClickOnce software deployment tool and custom Golang backdoors to compromise organizations within...

Thousands of personal records allegedly linked to athletes and visitors of the Saudi Games have been published online by a pro-Iranian hacktivist group called Cyber Fattah. Cybersecurity company...

If you invite guest users into your Entra ID tenant, you may be opening yourself up to a surprising risk. A gap in access control in Microsoft Entra’s subscription handling is allowing guest users...

The threat actor used a combination of open-source and publicly available tools to establish their attack framework

Forescout Technologies disclosed that 57 percent of organizations deploy more than three separate tools to monitor IT, OT... The post Forescout-Takepoint Research finds operational security...

Multiple vulnerabilities have been discovered in Cisco ISE and ISE-PIC that could allow for remote code execution. Cisco Identity Services Engine (ISE) is a security policy management platform...

A new wave of North Korea's 'Contagious Interview' campaign is targeting job seekers with malicious npm packages that infect dev's devices with infostealers and backdoors. [...]

Rubrik executives say the startup will help the company deliver “radical simplicity” in AI models and data management. The post Rubrik acquires AI startup Predibase to boost agentic AI offerings...

NSA and CISA are urging developers to adopt memory safe languages (MSLs) to combat vulnerabilities in software

ASEC Blog publishes Ransom & Dark Web Issues Week 4, June 2025 Military-related data from Taiwan, Iran, and Algeria leaked on a cybercrime forum. Hacktivist group LulzSec Black leaked critical...

Several suspects tied to the cybercrime site BreachForums have been arrested in France, according to a local news report, including alleged administrators known as ShinyHunters and Intelbroker.

The number of devices infected by LapDogs is smaller than other ORBs, but that is likely by design, according to SecurityScorecard researchers. The post Stealth China-linked ORB network gaining...

The number of devices infected by LapDogs is smaller than other ORBs, but that is likely by design, according to SecurityScorecard researchers. The post Stealth China-linked ORB network gaining...

In June 2024, the Philippines' largest shopping-mall operators Robinsons Malls suffered a data breach stemming from their mobile app. The incident exposed 195k unique email addresses along with...

A cybercrime group's attack against a London-based pathology service last year was one of the "contributing factors" in the death of a patient, U.K. officials said.

Unknown threat actors have been distributing a trojanized version of SonicWall's SSL VPN NetExtender application to steal credentials from unsuspecting users who may have installed it....

The Glasgow City Council announced that it was affected by an incident “disrupting a number of online services and which may have involved the theft of customer data.”

Google has released Gemini 2.5 Pro-powered Gemini CLI, which allows you to use Gemini inside your terminal, including Windows Terminal. [...]

Cybersecurity researchers have uncovered a fresh batch of malicious npm packages linked to the ongoing Contagious Interview operation originating from North Korea. According to Socket, the ongoing...

Citrix is warning that a vulnerability in NetScaler appliances tracked as CVE-2025-6543 is being actively exploited in the wild, causing devices to enter a denial of service condition. [...]

Semperis estimates that at least 15,000 enterprise SaaS applications are still vulnerable to a flaw discovered in 2023

Called Video Descriptions, the AI feature generates detailed descriptions of what your Ring camera sees and delivers it in your notifications.

Ring gets a new AI-powered feature that offers users specific text descriptions of current motion activity.

Two SAP GUI vulnerabilities have been identified exposing sensitive data due to weak encryption in input history features

Explore key insights from Trustwave SpiderLabs' latest report on securing tech firms against evolving cyber threats. Discover how ransomware attacks are impacting technology companies and learn...