The latest version of the 'Crocodilus' Android malware has introduced a new mechanism that adds a fake contact on the infected device's contact list to deceive victims. [...]

These multifaceted relay modules can reliably switch a multitude of small loads, decouple systems and multiply signals.

The new SDK versions feature advanced elliptic curve cryptography (ECC) for improved data protection in industrial networks.

It is the first web-based automation system to receive the ISASecure SSA Level 1 certification for its built-in cybersecurity approach.

Software-Defined Automation blends IT agility with industrial strength–boosting flexibility, speed and efficiency at the edge. It’s the future of automation, redefined by code, not cables.

Researchers discovered an active exploitation of a misconfigured Open WebUI instance—a self-hosted interface for large language models (LLMs)—that was exposed to the internet with administrator...

We compare the effectiveness of content filtering guardrails across major GenAI platforms and identify common failure cases across different systems. The post How Good Are the LLM Guardrails on...

Cybersecurity researchers have discovered a new cryptojacking campaign that's targeting publicly accessible DevOps web servers such as those associated with Docker, Gitea, and HashiCorp Consul and...

S Ventures invests in the next era of computing through our partnership with Infleqtion, a pioneering leader securing against quantum threats.

Three security vulnerabilities have been disclosed in preloaded Android applications on smartphones from Ulefone and Krüger&Matz that could enable any app installed on the device to perform a...

Qualcomm has shipped security updates to address three zero-day vulnerabilities that it said have been exploited in limited, targeted attacks in the wild. The flaws in question, which were...

Reliable connectivity can make or break efficient business operations—fortunately, there are several different kinds of connectivity available to fit any technical requirement or budget. Selecting...

Litecoin (LTC), often called the “silver to Bitcoin’s gold,” has long been popular for its speed, lower transaction…

Luxury fashion brand Cartier is warning customers it suffered a data breach that exposed customers' personal information after its systems were compromised. [...]

Qualys details CVE-2025-5054 and CVE-2025-4598, critical vulnerabilities affecting Linux crash reporting tools like Apport and systemd-coredump. Learn how…

The sites were used for more than a decade by cybercriminals who wanted to test malware against security tools.

Packing a portable charger for your next flight? Better read up on Southwest's latest policy change.

The compliance company said the customer data exposure was caused by a product change.

If this had been a security drill, someone would’ve said it went too far. But it wasn’t a drill—it was real. The access? Everything looked normal. The tools? Easy to find. The detection? Came too...

The spyware maker claims the damages it was ordered to pay are "excessive," and that the jury wanted to “bankrupt” the company.

The evolution of cyber threats has forced organizations across all industries to rethink their security strategies. As attackers become more sophisticated — leveraging encryption,...

The fate of the fiscal 2026 budget blueprint, which includes a $495 million reduction for the agency, is uncertain. The post Trump budget proposal would slash more than 1,000 CISA jobs appeared...

BO Team, also known as Black Owl, has been active since early 2024 and appears to operate independently, with its own arsenal of tools and tactics, researchers at Russian cybersecurity firm Kaspersky said.

The US Department of the Treasury has taken action against Funnull Technology Inc. for enabling massive pig butchering…

Two U.S. Senators have introduced legislation designed to deepen cybersecurity collaboration within the nation’s energy infrastructure. The proposed... The post US lawmakers propose legislation to...

A group of U.S. Senate Democrats is urging Kristi Noem, the Homeland Security Secretary, to bring back the... The post Senate democrats urge Homeland Security to revive CSRB amid China-linked...

Two local information disclosure flaws in Linux crash-reporting tools have been identified exposing system data to attackers

2025-05-28 • Rapid7 • Anna Širokova, Ivan Feigl • win.winos Open article on Malpedia

Outdoor apparel retailer The North Face is warning customers that their personal information was stolen in credential stuffing attacks targeting the company's website in April. [...]

2025-05-28 • Darktrace • Tara Gould • elf.pumabot Open article on Malpedia