A threat actor with suspected ties to India has been observed targeting a European foreign affairs ministry with malware capable of harvesting sensitive data from compromised hosts. The activity...
Microsoft is rolling out a new backup system in September for its Authenticator app on iOS, removing the requirement to use a Microsoft personal account to back up TOTP secrets and account names. [...]
Dorsey admitted that his new messaging app had not been reviewed or tested for security issues prior to its launch.
An identity protection expert shares tips on protecting yourself from AI scams.
Bitcoin Depot, which operates cryptocurrency ATMs across North America, says information belonging to more than 26,000 people was breached in an incident last year.
Decentralized exchange GMX disabled trading after it “experienced an exploit." The heist involved more than $40 million in user funds.
Microsoft has confirmed a widespread issue in Windows Server Update Services (WSUS) that prevents organizations from syncing with Microsoft Update and deploying the latest Windows updates. [...]
The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) on Tuesday sanctioned a member of a North Korean hacking group called Andariel for their role in the infamous remote...
Run by the team at workflow orchestration and AI platform Tines, the Tines library features over 1,000 pre-built workflows shared by security practitioners from across the community - all free to...
Fed up with AI companies scraping your site's content? Meet Anubis, the self-hosted, proof-of-work firewall that's stopping AI bots in their tracks.
Australian airline Qantas has confirmed that 5.7 million people have been impacted by a recent data breach, in which threat actors stole customers' data. [...]
Google is sharing more information on how Chrome operates when Android mobile users enable Advanced Protection, highlighting strong security improvements. [...]
Time is running out to secure your exhibit table at TechCrunch Disrupt 2025, October 27-29, at Moscone West in San Francisco. This is your chance to get your startup in front of 10,000+ startup...
Threat Tracer, a groundbreaking new feature of Carbon Black Cloud Enterprise EDR, maps connections and context that can lead to faster and more effective remediation
At high-stakes events like corporate conferences, product launches or global summits, every moment matters. Every keynote, breakout session and live stream must be delivered seamlessly to both...
A Chinese national has been arrested in Milan, Italy, for his alleged links to a state-sponsored hacking group known as Silk Typhoon and for carrying out cyber attacks against American...
2025-07-08 • Koi Security • Idan Dardikman Open article on Malpedia
Nova Scotia Power revealed that a ransomware attack has prevented meters from sending energy usage data to its systems, impacting billing
2025-07-08 • Trellix • Akhil Reddy, Alex Lanstein, Alisha Kadam, Aniket Choukde, Aparna Aripirala, Pham Duy Phuc Open article on Malpedia
Thousands of web pages falsely branded as popular news sites are conduits for fake cryptocurrency investment scams, researchers said.
Bitcoin Depot, an operator of Bitcoin ATMs, is notifying customers of a data breach incident that has exposed their sensitive information. [...]
2025-07-07 • Github (VenzoV) • VenzoV • win.amatera Open article on Malpedia
2025-07-08 • United States District Court (Southern District of New York) • United States District Court Southern District of New York • apk.badbox Open article on Malpedia
Businesses can expect to pay a premium for Windows 10 Extended Security Updates, while educators will pay next to nothing. And for the first time, consumers can sign up, with some options that are...
For the first time in 2025, Microsoft's Patch Tuesday updates did not bundle fixes for exploited security vulnerabilities, but the company acknowledged one of the addressed flaws had been publicly...
CVE-2025-47981 has the “unfortunate hallmarks of becoming a significant problem,” said WatchTowr’s CEO
These carrier security settings can prevent your phone number from being hijacked or stolen.
Multiple vulnerabilities that remain unpatched in Ruckus Wireless management products could be exploited to fully compromise the network environment they serve. [...]
Ingram Micro has begun restoring systems and business services after suffering a massive SafePay ransomware attack right before the July 4th holiday. [...]
The US allege that the hacker stole critical COVID-19 research from universities at the behest of the Chinese government