These researchers intentionally put credentials into Stack Overflow, Reddit and many other places. Most of these were exploited within a day, which is pretty interesting.

The Dark Storm hacktivist group claims to be behind DDoS attacks causing multiple X worldwide outages on Monday, leading the company to enable DDoS protections from Cloudflare. [...]

North Korea's Moonstone Sleet deploys the Qilin ransomware. Texas city declares state of emergency following cyberattack.

Russian crypto exchange Garantex has yet to directly address the international law enforcement operation that resulted in the seizure of its domains, and criminal charges against two of its...

Cyber threats today don't just evolve—they mutate rapidly, testing the resilience of everything from global financial systems to critical infrastructure. As cybersecurity confronts new...

The U.S. Federal Trade Commission (FTC) said today that Americans lost a record $12.5 billion to fraud last year, a 25% increase over the previous year. [...]

This report provides statistics, trends, and case information on the distribution quantity, distribution methods, and disguise techniques of Infostealer collected and analyzed during February...

Overview AhnLab is monitoring Advanced Persistent Threat (APT) attacks in South Korea using its own infrastructure. This report covers the classification, statistics, and features of the APT...

Command Injection vulnerability (CVE-2025-1497) has been found in MLJAR PlotAI software.

For the latest discoveries in cyber research for the week of 10th March, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES The City of Mission, Texas, has declared a local...

Standing in the midst of a humming control room, you might see a row of status indicators flash... The post Ensuring End-to-End Security for Data Flows appeared first on Industrial Cyber.

Microsoft has published guidance for users of Microsoft Publisher as it will no longer be supported after October 2026 and removed from Microsoft 365. [...]

A new report by Fortinet reveals techniques used by attackers to evade detection and compromise systems

Written by: Dhanesh Kizhakkinan, Nino Isakovic Executive Summary This blog post presents an in-depth exploration of Microsoft's Time Travel Debugging (TTD) framework, a powerful record-and-replay...

Google's Manifest V3 platform is clobbering many popular extensions. Here's why and what you can do about it.

Google says a fix is on the way, but there are some temporary workarounds.

Are you an asset owner or operator in the industrial sector, working to fortify your OT cybersecurity posture against ever-evolving... The post Network, Learn, Defend: the Dragos Forum Helps to...

​Later this week, the Federal Trade Commission (FTC) will start distributing over $25.5 million in refunds to those misled by tech support companies Restoro and Reimage's scare tactics. [...]

Key Points Introduction APT-C-36, also known as Blind Eagle, is a threat group that engages in both espionage and cybercrime. It primarily targets organizations in Colombia and other Latin...

The Alan Turing institute urged government and academia to address systemic cultural and structural security barriers in UK AI research

Following their recent reveal that the Black Basta leak exposed ransomware tactics, researchers from the KELA’s Cyber Intelligence... The post KELA’s Cyber Intelligence Center details more...

Context

Switzerland's National Cybersecurity Centre (NCSC) has announced a new reporting obligation for critical infrastructure organizations in the country, requiring them to report cyberattacks to the...

Cisco has set an ambitious goal to train 1.5 million people across the European Union in digital skills by 2030. This Cisco Networking Academy initiative, which focuses on areas such as Artificial...

Google paid almost $12 million in bug bounty rewards to 660 security researchers who reported security bugs through the company's Vulnerability Reward Program (VRP) in 2024. [...]

Starting April 2025, Swiss critical infrastructure organizations will have to report cyber-attacks to the country’s authorities within 24 hours of discovery

Software developer Davis Lu cost his employer hundreds of thousands after deploying malware that caused crashes and failed logins

Quantum computing threatens to break traditional encryption, putting sensitive data at risk. Learn more from Specops Software about the risks of quantum computing and how to prepare for them. [...]

In this article, we discuss the tools and TTPs used in the SideWinder APT's attacks in H2 2024, as well as shifts in its targets, such as an increase in attacks against the maritime and logistics sectors.

Consumer Reports assessed the most leading voice cloning tools, including Descript and ElevenLabs. Here's the verdict.