After an attack on Iran's Sepah bank, the hyper-aggressive Israel-linked hacker group has now destroyed more than $90 million held at Iranian crypto exchange Nobitex.
Barracuda observed a big spike in spam emails generated using AI tools, making up the majority detected in April 2025
It's the latest cyberattack on Iran claimed by a pro-Israeli hacking group since the latest flare up in tensions between the two countries.
As SEO leans towards AI, site owners are more in need of third-party tools, and agencies and updating…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued four new industrial control system (ICS) advisories, warning... The post CISA warns of critical ICS vulnerabilities in...
Upgraded GodFather banking malware now uses on-device virtualization to hijack apps, enabling real-time fraud
Written by: Gabby Roncone, Wesley Shields In cooperation with external partners, Google Threat Intelligence Group (GTIG) observed a Russia state-sponsored cyber threat actor impersonating the U.S....
2025-06-14 • K7 Security • Uma Madasamy • win.chaos Open article on Malpedia
2025-06-17 • DARKReading • James Shank • win.bumblebee, win.emotet, win.pikabot, win.smokeloader, win.trickbot Open article on Malpedia
The Smart Display E10 tablet offers facial recognition, quad-view live stream, event summaries, and a built-in battery for portability.
We are happy to announce the General Availability of Cloudflare Log Explorer, a powerful product designed to bring observability and forensics capabilities directly into your Cloudflare dashboard.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday placed a security flaw impacting the Linux kernel in its Known Exploited Vulnerabilities (KEV) catalog, stating it has...
A former U.S. Central Intelligence Agency (CIA) analyst has been sentenced to little more than three years in prison for unlawfully retaining and transmitting top secret National Defense...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning about the active exploitation of a critical Linux kernel vulnerability, officially listed as CVE-2023-0386. The...
Let's break down eight attack patterns security teams should be watching in 2025.
ClickFix techniques are enabling threat actors to bypass defenses using tools like MSHTA, says ReliaQuest
The Israel-Iran conflict that began with Israeli attacks on Iranian nuclear and military targets on June 13 has sparked a wider cyber conflict in the region, including the launch of new malware...
Cato CTRL uncovers new WormGPT variants powered by jailbroken Grok and Mixtral. Learn how cybercriminals jailbreak top LLMs for uncensored, illegal activities in this latest threat research.
Veeam has rolled out patches to contain a critical security flaw impacting its Backup & Replication software that could result in remote code execution under certain conditions. The security...
Microsoft has announced that it will soon update security defaults for all Microsoft 365 tenants to block access to SharePoint, OneDrive, and Office files via legacy authentication protocols. [...]
A large-scale malware campaign specifically targets Minecraft players with malicious mods and cheats that infect Windows devices with infostealers that steal credentials, authentication tokens,...
Iran has throttled internet access in the country in a purported attempt to hamper Israel's ability to conduct covert cyber operations, days after the latter launched an unprecedented attack on...
The new Cyber Growth Action Plan aims to support the UK’s cyber industry, including the development of innovative new technologies and startups
In this sixth installment of Tenable’s “Stronger Cloud Security in Five” blog series, we offer three recommendations that you can quickly roll out to help you expedite, prioritize and fine-tune...
The group positions itself “not just as a ransomware group, but as a full-service cybercrime platform”, according to Cybereason
Attackers are increasingly hiding in plain sight, using the same tools IT and security teams rely on for daily operations. This blog breaks down common techniques and provides recommendations to defenders.
Phishing has evolved—and trust is the new attack vector. ChainLink Phishing uses real platforms like Google Drive & Dropbox to sneak past filters and steal credentials in the browser. Watch Keep...
Learn how the North Korean-aligned Famous Chollima is using the a new Python-based RAT, "PylangGhost," to target cryptocurrency and blockchain jobseekers in a campaign affecting users primarily in India.
AI tools can help attackers to develop and launch more attacks, more frequently, and to make these attacks more evasive, convincing and targeted. But to what extent are they doing these things?
CISA has warned U.S. federal agencies about attackers targeting a high-severity vulnerability in the Linux kernel's OverlayFS subsystem that allows them to gain root privileges. [...]