This report provides statistics on the number of new ransomware samples collected, the number of affected systems, and affected companies in April 2025, as well as key ransomware issues in and out...
Heard of polymorphic browser extensions yet? These savage imposters threaten the very future of credential management. Here's what you need to know - and do.
The National Cyber Security Centre (NCSC), part of GCHQ, unveiled two key initiatives aimed at strengthening the UK’s... The post GCHQ’s NCSC launches cyber resilience facilities, threat...
Ransomware remains a critical and escalating threat to organizations globally, significantly impacting operational technology (OT) environments and critical infrastructure. The... The post Dragos...
During Infosecurity Europe 2025 experts will explore how to strengthen organizational resilience against persistent third-party risks
We’re thrilled to announce that six remarkable leaders from Barracuda have been recognized in the 2025 CRN® Women of the Channel list.
A new campaign employing ClickFix attacks has been spotted targeting both Windows and Linux systems using instructions that make infections on either operating system possible. [...]
2025-04-29 • Nextron Systems • Maurice Fielenbach • win.cobalt_strike, win.nitrogen Open article on Malpedia
2025-05-07 • NTT Security • Masaya Motoda, Rintaro Koike • js.beavertail, js.otter_cookie, py.invisibleferret Open article on Malpedia
The landmark Singapore Consensus comes at a time when the giants of generative AI - such as OpenAI - are disclosing less and less to the public.
You can ditch your Microsoft account password completely now. But if you plan to do so, there's a step you absolutely must not skip.
2025-05-09 • Sophos X-Ops • Ben Goldberg, Haigh Minassian, Imane Ismail, ndrew Petrus, Sushmita Shetty • win.lumma Open article on Malpedia
A Türkiye-backed cyberespionage group exploited a zero-day vulnerability to attack Output Messenger users linked to the Kurdish military in Iraq. [...]
This Anti-Ransomware Day, we look at a decade of RaaS activity and how ransomware has evolved into a billion-dollar criminal enterprise.
She@Cyber training program is focused on improving the representation of women and other underrepresented groups in the cybersecurity industry
Threat actors have been observed leveraging fake artificial intelligence (AI)-powered tools as a lure to entice users into downloading an information stealer malware dubbed Noodlophile. "Instead...
With the digital transformation movement sweeping the world and cyber threats evolving simultaneously to pose greater and greater…
A global cryptocurrency phishing operation likely based in India or Sri Lanka has been stealing digital assets since at least 2022
Moldovan authorities have detained a 45-year-old suspect linked to DoppelPaymer ransomware attacks targeting Dutch organizations in 2021. [...]
Google has agreed to a $1.375 billion settlement with the state of Texas over a 2022 lawsuit that alleged it had been collecting and using biometric data of millions of Texans without properly...
Following up on last year’s LOLDriver plugin, Tenable Research is releasing detection plugins for the top Remote Monitoring and Management (RMM) tools that attackers have been more frequently...
The Health Sector Coordinating Council (HSCC) Cybersecurity Working Group (CWG) highlighted the significant cybersecurity challenges facing America’s resource-constrained... The post HSCC warns of...
99% of enterprise users have browser extensions but over half carry high-risk permissions. LayerX's 2025 report reveals how everyday extensions expose sensitive data, and what security teams must...
The Commission on Elections (COMELEC) has teamed up with leading technology firms, including Microsoft, to ensure that the upcoming Philippine elections are protected from cyber threats and...
As AI-driven fraud becomes increasingly common, more people feel the need to verify every interaction they have online.
Varonis reveals attackers are using SEO poisoning to trick IT admins into downloading malware, alongside a critical root…
Hackers have compromised Japanese trading accounts in an apparent attempt to manipulate the stock market
Each Monday, the Tenable Exposure Management Academy provides the practical, real-world guidance you need to shift from vulnerability management to exposure management. In this post, the second of...
Ever wondered why a lie can spread faster than the truth? Tune in for an insightful look at disinformation and how we can fight one of the most pressing challenges facing our digital world.
Germany’s BKA has seized the infrastructure behind the crypto swapping service eXch