The elusive hacking group Careto was never publicly linked to a specific government, but TechCrunch has learned researchers concluded privately that the Spanish government was behind the group.
CERT Polska has received a report about 3 vulnerabilities (from CVE-2025-3893 to CVE-2025-3895) found in MegaBIP software.
In an international law enforcement operation, 270 individuals involved in dark web criminal activity have been arrested across ten countries. Coordinated by Europol, the operation, codenamed...
Check out expert recommendations for protecting your AI system data. Plus, boost your IT department’s cybersecurity skills with a new interactive framework. In addition, learn about a malware...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the National Security Agency (NSA), the Federal... The post Global cybersecurity agencies release AI data...
New data from Dragos reveals that ransomware groups and their affiliates intensified operations in the first quarter of... The post Dragos reports surge in ransomware attacks as AI-powered tactics...
Operation Raptor also resulted in the seizure of $184m and a record amount of illegal drugs, firearms and drug trafficking proceeds
Sophos has observed DragonForce attacking rival ransomware operators including RansomHub as it seeks to expand its reach in the cybercrime marketplace
In the ever-volatile world of decentralized finance (DeFi), yet another major exploit has shaken investor confidence—this time with a staggering $223 million theft from Cetus Protocol, a key...
Posted by Craig Gidney, Quantum Research Scientist, and Sophie Schmieg, Senior Staff Cryptography Engineer Google Quantum AI's mission is to build best in class quantum computing for otherwise...
2025-05-20 • Luigi Martire, Pierluigi Paganini • win.sarcoma Open article on Malpedia
2025-05-23 • abuse.ch • abuse.ch • win.aurotun_stealer Open article on Malpedia
A zero-day vulnerability in the Linux kernel’s SMB (Server Message Block) implementation, identified as CVE-2025-37899, has been discovered using OpenAI’s powerful language model, o3. The...
The U.S. Justice Department has unsealed an indictment against Rustam Rafailevich Gallyamov, a Russian national accused of running a cybercrime group responsible for one of the most notorious...
A coordinated cyber takedown executed by international law enforcement this week has hit the ransomware economy where it hurts most—its infrastructure. Dubbed Operation Endgame 2.0, the sweeping...
Black & Veatch’s 2025 Water Report provides a layered, unflinching look at the pressures shaping the future of... The post 2025 Water Report flags crisis of readiness as sector confronts PFAS, AI,...
Cybercriminals are using TikTok videos to trick users into infecting themselves with Vidar and StealC information-stealing malware in ClickFix attacks. [...]
Microsoft is testing a new AI-powered text generation feature in Notepad that can let Windows Insiders create content based on custom prompts. [...]
In the latest phase of Operation Endgame, an international law enforcement operation, national authorities from seven countries seized 300 servers and 650 domains used to launch ransomware attacks. [...]
Posted by Mateusz Jurczyk, Google Project Zero In the first three blog posts of this series, I sought to outline what the Windows Registry actually is, its role, history, and where to find further...
Even locked phones are tempting targets for thieves, as they can be sold for parts. Here's how to keep your device safe.
Learn about CVE-2025-3248 affecting Langflow. Patch now to prevent remote code execution.
Posted by Mateusz Jurczyk, Google Project Zero In the first three blog posts of this series, I sought to outline what the Windows Registry actually is, its role, history, and where to find further...
The successful break-up of DanaBot marks the second high-profile law enforcement disruption of a widespread malware operation in as many days. The post DanaBot malware operation seized in global...
The successful break-up of DanaBot marks the second high-profile law enforcement disruption of a widespread malware operation in as many days. The post DanaBot malware operation seized in global...
In June 2023, the Fédération Francaise de Rugby (French Rugby Federation) suffered a data breach and attempted ransom. The breach exposed 282k unique email addresses along with names, dates of...
Coca-Cola and its bottling partner CCEP targeted in separate cyber incidents, with the Everest ransomware gang and the Gehenna hacking group claiming data breaches involving sensitive employee and...
The U.S. government today unsealed criminal charges against 16 individuals accused of operating and selling DanaBot, a prolific strain of information-stealing malware that has been sold on Russian...
The alleged leader of the cybercriminal gang behind the Qakbot malware, which was used by many high-profile ransomware gangs, has been indicted by the U.S. Justice Department.
A Chinese-speaking threat actor tracked as UAT-6382 has been linked to the exploitation of a now-patched remote-code-execution vulnerability in Trimble Cityworks to deliver Cobalt Strike and...