German multinational insurance company Munich Re estimates that the global cyber insurance market totaled US$15.3 billion in 2024,... The post Munich Re sees untapped potential in $15.3B cyber...

Security Operations Centers (SOCs) today face unprecedented alert volumes and increasingly sophisticated threats. Triaging and investigating these alerts are costly, cumbersome, and increases...

Microsoft has fixed a known issue causing authentication problems when Credential Guard is enabled on systems using the Kerberos PKINIT pre-auth security protocol. [...]

Google’s latest Android update fixes 62 flaws, including two zero-days previously used in limited targeted attacks

The most severe security bug can be exploited without user interaction, per Google.

The Computer Emergency Response Team of Ukraine (CERT-UA) has revealed a new set of cyber attacks targeting Ukrainian institutions with information-stealing malware. The activity is aimed at...

Microsoft says the RansomEXX ransomware gang has been exploiting a high-severity zero-day flaw in the Windows Common Log File System to gain SYSTEM privileges on victims' systems. [...]

In early January, agents from the El Centro division of US Customs and Border Protection (CBP) descended on the central Californian city of Bakersfield and the surrounding Kern County as part of...

NIST marks CVEs pre-2018 as “Deferred” in the NVD as agency focus shifts to managing emerging threats

Overview AhnLab is monitoring Advanced Persistent Threat (APT) attacks in South Korea using its own infrastructure. This report covers the classification, statistics, and features of the APT...

Often referred to as the 'soap opera effect,' motion smoothing can enhance gaming and live sports but tends to be distracting for everything else. Here's how to turn it off.

11Critical110Important0Moderate0LowMicrosoft addresses 121 CVEs including one zero-day which was exploited in the wild.Microsoft patched 121 CVEs in its April 2025 Patch Tuesday release, with 11...

Today is Microsoft's April 2025 Patch Tuesday, which includes security updates for 134 flaws, including one actively exploited zero-day vulnerability. [...]

A recently disclosed critical security flaw impacting CrushFTP has been added by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to its Known Exploited Vulnerabilities (KEV)...

Microsoft has released the KB5055518 cumulative update for Windows 10 22H2 and Windows 10 21H2, with nine changes or fixes. [...]

A China-linked information campaign is using a network of WeChat accounts to attack Canadian Prime Minister Mark Carney ahead of the country’s upcoming federal election, authorities said.

Microsoft has released Windows 11 KB5055523 and KB5055528 cumulative updates for versions 24H2 and 23H2 to fix security vulnerabilities and issues. [...]

Unknown attackers who breached the Treasury's Office of the Comptroller of the Currency (OCC) in June 2023 gained access to over 150,000 emails. [...]

In February 2025, the cybersecurity community witnessed an unprecedented leak that exposed the internal operations of Black Basta, a prolific ransomware group.

HellCat ransomware hits 4 companies by exploiting Jira credentials stolen through infostealer malware, continuing their global attack spree.

Meta warned Windows users to update the WhatsApp messaging app to the latest version to patch a vulnerability that can let attackers execute malicious code on their devices. [...]

Learn how to set up and use a VPN with just four easy steps. This step-by-step guide takes you through how you can secure your connection and online data.

Armis survey reveals that the growing threat of nation-state cyber-attacks is disrupting digital transformation

A significant spike in exploitation attempts targeting TVT NVMS9000 DVRs has been detected, peaking on April 3, 2025, with over 2,500 unique IPs scanning for vulnerable devices. [...]

The US Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2025-31161 to its Known Exploited Vulnerabilities (KEV) catalog

The Cybersecurity and Infrastructure Security Agency (CISA) has recently added a new vulnerability to its Known Exploited Vulnerabilities Catalog. The vulnerability, identified as CVE-2025-31161,...

By Salleh Kodri, SE Regional Manager, Cyble The rapid digitalization of ASEAN economies has unlocked immense opportunities for growth and innovation. However, this expansion also exposes the...

Amazon Web Services (AWS) has added support for the ML-KEM post-quantum key encapsulation mechanism to AWS Key Management Service (KMS), AWS Certificate Manager (ACM), and AWS Secrets Manager,...

From Talos' 2024 Year in Review, here are some findings from the top targeted network device vulnerabilities. We also explore how threat actors are moving away from time sensitive lures in their...

From Talos' 2024 Year in Review, here are some findings from the top targeted network device vulnerabilities. We also explore how threat actors are moving away from time sensitive lures in their...