Forcepoint’s X-Labs reveals Remcos malware using new tricky phishing emails from compromised accounts and advanced evasion techniques like…
Use these insights to automate software security (where possible) to keep your projects safe. The post GitHub Advisory Database by the numbers: Known security vulnerabilities and what you can do...
In today’s fast-paced digital landscape, companies are increasingly recognizing the transformative potential of artificial intelligence (AI). 92% of companies plan to increase their AI investments...
A new campaign has been observed leveraging fake websites advertising popular software such as WPS Office, Sogou, and DeepSeek to deliver Sainbox RAT and the open-source Hidden rootkit. The...
In a 6-3 decision, the Supreme Court held that age verification for explicit sites is constitutional. In a dissent, Justice Elena Kagan warned it burdens adults and ignores First Amendment precedent.
Hackers associated with Scattered Spider tactics have expanded their targeting to the aviation and transportation industries after previously attacking insurance and retail sectors [...]
To celebrate United Nations Micro, Small, and Medium Sized Enterprises Day, Cloudflare is sharing success stories of small businesses building and growing on our platform.
The Dutch conglomerate behind Hannaford, Stop & Shop and other major grocery brands informed state regulators of the scope of a November cyberattack that hampered online orders and leaked sensitive data.
As the summer heat intensifies, so does the wave of critical vulnerabilities heating up the cyber threat landscape. Hot on the heels of the disclosure of the CVE-2025-49144 vulnerability in...
2025-06-24 • Socket • Socket • js.beavertail, py.invisibleferret Open article on Malpedia
2025-06-26 • Arctic Wolf • Arctic Wolf Labs Team • win.giftedcrook Open article on Malpedia
Threat intelligence firm GreyNoise is warning of a "notable surge" in scanning activity targeting Progress MOVEit Transfer systems starting May 27, 2025—suggesting that attackers may be preparing...
Trustwave SpiderLabs has assessed with high confidence that the threat group Blind Eagle, aka APT-C-36, is associated with the Russian bulletproof hosting service provider Proton66. Blind Eagle is...
Trustwave SpiderLabs has assessed with high confidence that the threat group Blind Eagle, aka APT-C-36, is associated with the Russian bulletproof hosting service provider Proton66. Blind Eagle is...
The US airline said that incident was affecting some of its IT systems, but flights are continuing to operate safely and as scheduled
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday released two industrial control systems (ICS) advisories highlighting... The post Critical ICS vulnerabilities threaten...
Following a review of the cybersecurity risk management at the National Aeronautics and Space Administration (NASA), the U.S.... The post GAO finds NASA’s cyber risk practices inadequate, raising...
At the June Federal Energy Regulatory Commission (FERC) meeting, the North American Electric Reliability Corporation (NERC) CIP-015-1 was... The post FERC approves NERC CIP-015-1 internal network...
UNFI, the biggest supplier to Whole Foods stores, reported that its income will take a hit for the quarter that ends in August because of a recent cyberattack that disrupted operations.
Cybersecurity researchers have detailed a new campaign dubbed OneClik that leverages Microsoft's ClickOnce software deployment technology and bespoke Golang backdoors to compromise organizations...
Starting June 9, 2025, Russian internet service providers (ISPs) have begun throttling access to websites and services protected by Cloudflare, an American internet giant. [...]
Tech Transparency Project warns Chinese-owned VPNs like Turbo VPN and X-VPN remain on Apple and Google app stores, raising national security concerns.
A critical NetScaler ADC and Gateway vulnerability dubbed "Citrix Bleed 2" (CVE-2025-5777) is now likely exploited in attacks, according to cybersecurity firm ReliaQuest, seeing an increase in...
A critical NetScaler ADC and Gateway vulnerability dubbed "Citrix Bleed 2" (CVE-2025-5777) is now likely exploited in attacks, according to cybersecurity firm ReliaQuest, seeing an increase in...
This new CitrixBleed lookalike flaw is being exploited in the wild to gain initial access, according to ReliaQuest
Check out the U.S. government’s latest call for developers to use memory-safe programming languages, as well as its warning for cybersecurity teams regarding cyber risk from hackers tied to Iran....
Google says its latest security features are designed to block scam calls and texts, shady apps, and even phone theft. Here's how they work.
GreyNoise observed a surge in scanning activity targeting MOVEit Transfer systems since May 27, indicating the software could face renewed attacks
The current geopolitical climate demands a proactive, comprehensive approach to cybersecurity. Here’s what you need to know — and how Tenable can help.The cybersecurity landscape is in constant...
Tenable’s Research Special Operations team focuses on some frequently asked questions about Iranian cyber operations, including the tactics, techniques and procedures employed by Iran-based threat...