Both companies have faced controversy in recent years, primarily for their work in circumventing mobile device security features The post Cellebrite to acquire mobile testing firm Corellium in...
2025-06-04 • Proofpoint • Abdallah Elshinbary, Jonas Wagner, Konstantin Klinger, Nick Attfield • win.artra, win.havoc Open article on Malpedia
2025-06-04 • Proofpoint • Abdallah Elshinbary, Jonas Wagner, Konstantin Klinger, Nick Attfield • win.almondrat, win.artra, win.havoc, win.miya_rat, win.orpcbackdoor, win.wm_rat, win.zxxz Open...
2025-06-02 • haxrob.net • haxrob • elf.bpfdoor Open article on Malpedia
2025-06-02 • haxrob.net • haxrob • elf.bpfdoor Open article on Malpedia
2025-06-05 • Mobile-Hacker • mh • apk.spymax Open article on Malpedia
Sophisticated nation-state and cybercriminal groups are using insiders to infect targets via hardware devices, despite a lack of reporting of this threat
CERT Polska is observing a malicious email campaign conducted by the UNC1151 group against Polish entities, exploiting a vulnerability in the Roundcube software.
A critical vulnerability in Cisco’s Identity Services Engine (ISE) enables unauthenticated remote attackers to retrieve sensitive information and perform administrative actions across various...
Anthropic says that it has released a new set of AI models tailored for U.S. national security customers. The new models, a custom set of “Claude Gov” models, were “built based on direct feedback...
CyberScoop is first to report on the letter to DHS from the chair of a cybersecurity subcommittee, which also addresses CISA’s role as lead coordinator with the telecom sector. The post Rep....
Cybercriminals have hacked into thousands of Asus routers. Here's how to tell if yours is compromised.
A threat actor has re-released data from a 2021 AT&T breach affecting 70 million customers, this time combining previously separate files to directly link Social Security numbers and birth dates...
It's a little hidden, but there is a way to remove Gemini from your favorite Google services.
Malicious actors are making more use of AI in attacks, even as governments look to boost AI investments
Officials from His Majesty's Revenue & Customs, the U.K.'s tax authority, said criminals took over accounts to pilfer £47 million ($63 million) last year.
Hackers are actively exploiting CVE-2025-49113, a critical vulnerability in the widely used Roundcube open-source webmail application that allows remote execution. [...]
Law enforcement officials said initial access brokers with ties to Play ransomware operators continue to exploit multiple vulnerabilities in remote monitoring and management tool SimpleHelp.
The U.K. National Cyber Security Centre on Wednesday published six cybersecurity culture principles developed through extensive research with... The post UK NCSC unveils cybersecurity culture...
Honeywell disclosed that 1,929 ransomware attacks were publicly documented, with 71 percent of attacks occurring in eight verticals,... The post Honeywell Community Intelligence reveals ransomware...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued Internet Exposure Reduction Guidance to help organizations address overlooked... The post CISA’s Internet Exposure Reduction...
Cellebrite said the deal will help with the "accelerated identification of mobile vulnerabilities and exploits."
Cofense Intelligence uncovers a surge in ClickFix email scams impersonating Booking.com, delivering RATs and info-stealers. Learn how these…
At Infosecurity Europe 2025, Axonius’ Jon Ridyard proposed seven best practices to build mature vulnerability management processes
SQL Injection vulnerability (CVE-2025-4568) has been found in 2ClickPortal software.
Cisco has released security patches to address a critical security flaw impacting the Identity Services Engine (ISE) that, if successfully exploited, could allow unauthenticated actors to carry...
As data breaches rise and public trust flickers, Australia has taken a bold step in reforming its Privacy Act, marking one of the significant regulatory shifts in the region’s digital history. To...
Kaspersky ICS CERT experts managed to find and analyze the malware and utilities most probably used by the actors. The key finding was a previously unknown backdoor.
Designing a security-focused Windows Service? Learn more from ThreatLocker about the core components for real-time monitoring, threat detection, and system hardening to defend against malware and...
Designing a security-focused Windows Service? Learn more from ThreatLocker about the core components for real-time monitoring, threat detection, and system hardening to defend against malware and...