Police in Europe have shut down a fake online trading platform that scammed hundreds of victims out of…
The U.S. House Committee on Homeland Security convened a hearing to review the Department of Homeland Security’s (DHS)... The post Chinese cyber threats and infrastructure vulnerabilities dominate...
Multiple vulnerabilities have been discovered in Ivanti Endpoint Manager Mobile, the most severe of which could allow for remote code execution. Ivanti Endpoint Manager Mobile (EPMM) is a unified...
A news report highlighted that U.S. energy officials are re-evaluating the potential risks associated with Chinese-made devices that... The post US energy sector at risk, as Chinese inverters are...
Xona Systems, provider of secure access solutions for operational technology (OT) environments, announced its partnership with Solution Synergy,... The post Xona Systems and Solution Synergy...
Ivanti has released security patches to address two vulnerabilities in its Endpoint Manager Mobile (EPMM) software, which were being actively exploited in limited attacks. These vulnerabilities,...
A malicious package in the Node Package Manager index uses invisible Unicode characters to hide malicious code and Google Calendar links to host the URL for the command-and-control location. [...]
A malicious package in the Node Package Manager index uses invisible Unicode characters to hide malicious code and Google Calendar links to host the URL for the command-and-control location. [...]
Coinbase, a cryptocurrency exchange with over 100 million customers, has disclosed that cybercriminals working with rogue support agents stole customer data and demanded a $20 million ransom not...
Most online merchants now believe customers pose as big a threat as professional fraudsters
Russian hackers aren’t just targeting Ukraine — they also appear to be going after their defense contractors in other countries, new ESET research surmises. The post Fancy Bear campaign sought...
The percentage of ICS computers on which various types of malware spread via the internet and email were blocked increased for the first time in two years.
Unified visibility and context are the keys to an effective exposure management program. Learn how the new Tenable One connectors and unified dashboards give you a comprehensive view of your...
Gartner’s Top Cybersecurity Trends of 2025 report emphasizes the growing influence of generative AI (GenAI), highlighting new opportunities for organizations to enhance their security strategies...
Shoppers across the UK are noticing growing gaps in product displays at Co-op stores, with certain items missing and others running low, especially in smaller and remote locations. The disruptions...
The ransomware landscape is more fragmented than ever, with no “market leader,” says William Lyne, Head of Intelligence at the NCA
The Japanese government has set an ambitious target to increase the number of cybersecurity experts to 50,000 by 2030. This initiative aims to address the pressing shortage of qualified personnel...
ESET researchers uncover a Russia-aligned espionage operation targeting webmail servers via XSS vulnerabilities
Nova Scotia’s largest electric utility, Nova Scotia Power, has confirmed that customer information was stolen in a recent cyberattack that compromised parts of its IT systems. The company, along...
Google has released emergency security updates to patch a high-severity Chrome vulnerability that has a public exploit and can let attackers hijack accounts. [...]
Bug bounty programs allow security researchers to disclosure vulnerabilities to get patched. Many of these programs pay money for reporting these issues. Given that there's money on the line,...
Samsung has released software updates to address a critical security flaw in MagicINFO 9 Server that has been actively exploited in the wild. The vulnerability, tracked as CVE-2025-4632 (CVSS...
At least two different cybercrime groups BianLian and RansomExx are said to have exploited a recently disclosed security flaw in SAP NetWeaver, indicating that multiple threat actors are taking...
Don't get duped, doxxed, or drained! In this episode of "Smashing Security" we dive into the creepy world of sextortion scams, and investigate how crypto wallet firm Ledger's Discord server was...
A Chinese-language, Telegram-based marketplace called Xinbi Guarantee has facilitated no less than $8.4 billion in transactions since 2022, making it the second major black market to be exposed...
The Trump administration’s CFPB nominee spoke positively in February about the Biden-era rule to regulate the sale of Americans’ personal data, but he is now slotted instead for a Treasury...
Following a WIRED inquiry, Telegram banned thousands of accounts used for crypto scam money laundering, including those of Haowang Guarantee, a black market that enabled over $27 billion in transactions.
A new global phishing threat called "Meta Mirage" has been uncovered, targeting businesses using Meta's Business Suite. This campaign specifically aims at hijacking high-value accounts, including...
There is a lot of money in cyberattacks like ransomware, and unfortunately for organizations of all sizes, the…
Rep. Bennie Thompson, D-Miss., leveled that charge at DHS Secretary Kristi Noem at a hearing Wednesday. The post DHS won’t tell Congress how many people it’s cut from CISA appeared first on CyberScoop.