Researchers from Sygnia have responded to a stealthy and persistent China-linked threat actor targeting a major telecommunications company... The post Sygnia details Weaver Ant tactics in battle...

Dragos Inc., vendor of cybersecurity solutions for operational technology (OT) environments, announced on Tuesday that the Dragos Community Defense... The post Dragos announces OT cybersecurity...

23andMe holds millions of customers' genetic information. Here's what you can do to protect your data.

A widespread campaign with binaries written in different source languages, ReaderUpdate contains unique challenges for detection and analysis.

Organizations now use an average of 112 SaaS applications—a number that keeps growing. In a 2024 study, 49% of 644 respondents who frequently used Microsoft 365 believed that they had less than 10...

Cybercriminals are increasingly leveraging Atlantis AIO, which automates credential stuffing attacks across more than 140 platforms

McAfee Labs reveals new Android malware exploiting .NET MAUI to steal user data. Learn about advanced evasion techniques and how to stay protected.

Signal is in the news for all the wrong reasons. Here's what to know about it and why it remains a top choice for protecting conversations.

CrushFTP warned customers of an unauthenticated HTTP(S) port access vulnerability and urged them to patch their servers immediately. [...]

GitHub is an invaluable platform used by app developers to manage workflows, maintain version control and more. But recent attacks using compromised GitHub actions are a reminder of the importance...

Cloudflare has announced that its R2 object storage and dependent services experienced an outage lasting 1 hour and 7 minutes, causing 100% write and 35% read failures globally. [...]

2025-03-23 • AviaB • AviaB • win.vidar Open article on Malpedia

2025-03-12 • YouTube (John Hammond) • John Hammond • elf.blackbasta, win.blackbasta Open article on Malpedia

2025-03-18 • Expel • AARON WALTON • elf.blackbasta, win.blackbasta Open article on Malpedia

2025-03-18 • Trellix • Jambul Tologonov, John Fokker • elf.blackbasta, win.blackbasta Open article on Malpedia

Alisa Viejo, United States, 25th March 2025, CyberNewsWire

2025-03-12 • CISA • CISA, FBI, MS-ISAC Open article on Malpedia

Broadcom released security updates today to fix a high-severity authentication bypass vulnerability in VMware Tools for Windows. [...]

“The same qualities that make AI revolutionary – accessibility, adaptability and sophistication – also make it a powerful tool for criminal networks,” Europol says.

The following is the information on Yara and Snort rules (week 4, March 2025) collected and shared by the AhnLab TIP service. 10 YARA Rules Detection name Description Source PK_Alibaba_whizkossy...

Cybersecurity researchers are calling attention to an Android malware campaign that leverages Microsoft's .NET Multi-platform App UI (.NET MAUI) framework to create bogus banking and social media...

Free unofficial patches are available for a new Windows zero-day vulnerability that can let remote attackers steal NTLM credentials by tricking targets into viewing malicious files in Windows...

NIST has urged more research and emphasis on developing mitigations for attacks on AI and ML systems

This guide is part of a collaboration between Bellingcat and Evident on detecting AI-generated products. You can watch Evident’s video here. Sipping coffee from a mug carved from mineral rock, its...

The New America Open Technology Institute report comes amid DOGE access to sensitive government agency information that has alarmed experts. The post Privacy-boosting tech could prevent breaches,...

Ramat Gan, Israel, 25th March 2025, CyberNewsWire

A threat actor known as EncryptHub has been linked to Windows zero-day attacks exploiting a Microsoft Management Console vulnerability patched this month. [...]

Sygnia has uncovered Weaver Ant, a Chinese threat actor that spied on telecommunications networks for years

Law enforcement authorities in seven African countries have arrested 306 suspects and confiscated 1,842 devices as part of an international operation codenamed Red Card that took place between...

Kela researchers detect a 200%+ increase in dark web chatter about malicious AI tools