Explore key insights from Trustwave SpiderLabs' latest report on securing tech firms against evolving cyber threats. Discover how ransomware attacks are impacting technology companies and learn...

WinRAR has addressed a directory traversal vulnerability tracked as CVE-2025-6218 that, under certain circumstances, allows malware to be executed after extracting a malicious archive. [...]

Le Chat and Grok are the most respectful of your privacy. So which ones are the worst offenders?

2025-06-24 • Trellix • Nico Paulo Yturriaga, Pham Duy Phuc Open article on Malpedia

The National Security Agency and the Cybersecurity and Infrastructure Security Agency (CISA) published on Tuesday a joint cybersecurity... The post NSA, CISA guidance push for adoption of memory...

Trellix Advanced Research Center exposed a sophisticated APT malware campaign dubbed OneClik, targeting the oil and gas and... The post Trellix details OneClik malware campaign targeting energy,...

Prometheus Hyperscale is advancing the frontier of artificial intelligence (AI) infrastructure. Founded by Trenton Thornock, who comes from a sixth-generation ranching family, the company blends...

A recent vulnerability in Citrix NetScaler ADC and Gateway is dubbed "CitrixBleed 2," after its similarity to an older exploited flaw that allowed unauthenticated attackers to hijack...

NCC Group found that ransomware attacks fell for the third consecutive month in May 2025, despite a surge in incidents impacting retailers

The summer season has proven to be alarmingly hot, not due to rising temperatures, but because of a surge in critical cybersecurity vulnerabilities. Threat actors have ramped up exploitation...

TeamViewer has shared a new security update for a flaw in TeamViewer Remote Management for Windows. The vulnerability, officially cataloged as CVE-2025-36537, allows a local, unprivileged user to...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued new ICS (industrial control systems) advisories on Tuesday, highlighting... The post New CISA advisories urge swift action...

A new report from Rockwell Automation signals a critical turning point in industrial transformation. In the latest ‘State... The post Smart manufacturing at turning point as cybersecurity, IT/OT...

Cydome, a cybersecurity company with purpose-built solutions for maritime, remote facilities, and critical infrastructure, announced on Tuesday its... The post Cydome partners with MarineNet to...

Microsoft on Tuesday announced that it's extending Windows 10 Extended Security Updates (ESU) for an extra year by letting users either pay a small fee of $30 or by sync their PC settings to the...

Dragos Inc., a vendor of cybersecurity offerings for operational technology (OT) environments, announced on Tuesday that Casey Herman,... The post Dragos appoints Casey Herman, Deborah Hopkins to...

Incogni and DeleteMe are data removal services that can help you lock down your data, but they specialize in different areas. Read on to discover which service will suit you best.

The French police have reportedly arrested five operators of the BreachForum cybercrime forum, a website used by cybercriminals to leak and sell stolen data that exposed the sensitive information...

In its annual SMB threat report, Kaspersky shares insights into trends and statistics on malware, phishing, scams, and other threats to small and medium-sized businesses, as well as security tips.

Cybercriminals are increasingly gravitating towards uncensored LLMs, cybercriminal-designed LLMs and jailbreaking legitimate LLMs.

UK ransomware victims are paying extortionists twice as much as a year ago

Tenable One empowers security teams to go beyond surface-level risk tracking and drive measurable improvements across their security programs. With unified visibility and customizable dashboards,...

The Common Good Cyber Fund will receive funding from the UK and Canadian governments, with further pledges from G7 nations

Okta says over 46% of new customer registrations are bot-driven fraud attempts

2025-06-21 • Cert-UA • Cert-UA • win.beardshell, win.slimagent Open article on Malpedia

2025-06-18 • Seqrite • Prashil Moon • win.masslogger Open article on Malpedia

Once you turn on these new Android 16 security features, your information and phone will be better protected against harm.

Wordfence exposes a sophisticated WordPress malware campaign using a rogue WordPress Core plugin. Active since 2023, it steals credit cards and credentials with advanced anti-detection.

2025-06-23 • cocomelonc • cocomelonc Open article on Malpedia

In August 2021, the teaching resources website Have Fun Teaching suffered a data breach that leaked 80k WooCommerce transactions which were later posted to a popular hacking forum. The data...