In February 2025, the cybersecurity community witnessed an unprecedented leak that exposed the internal operations of Black Basta, a prolific ransomware group.
HellCat ransomware hits 4 companies by exploiting Jira credentials stolen through infostealer malware, continuing their global attack spree.
Meta warned Windows users to update the WhatsApp messaging app to the latest version to patch a vulnerability that can let attackers execute malicious code on their devices. [...]
Learn how to set up and use a VPN with just four easy steps. This step-by-step guide takes you through how you can secure your connection and online data.
Armis survey reveals that the growing threat of nation-state cyber-attacks is disrupting digital transformation
A significant spike in exploitation attempts targeting TVT NVMS9000 DVRs has been detected, peaking on April 3, 2025, with over 2,500 unique IPs scanning for vulnerable devices. [...]
The US Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2025-31161 to its Known Exploited Vulnerabilities (KEV) catalog
The Cybersecurity and Infrastructure Security Agency (CISA) has recently added a new vulnerability to its Known Exploited Vulnerabilities Catalog. The vulnerability, identified as CVE-2025-31161,...
By Salleh Kodri, SE Regional Manager, Cyble The rapid digitalization of ASEAN economies has unlocked immense opportunities for growth and innovation. However, this expansion also exposes the...
Amazon Web Services (AWS) has added support for the ML-KEM post-quantum key encapsulation mechanism to AWS Key Management Service (KMS), AWS Certificate Manager (ACM), and AWS Secrets Manager,...
From Talos' 2024 Year in Review, here are some findings from the top targeted network device vulnerabilities. We also explore how threat actors are moving away from time sensitive lures in their...
From Talos' 2024 Year in Review, here are some findings from the top targeted network device vulnerabilities. We also explore how threat actors are moving away from time sensitive lures in their...
The European Commission has initiated a consultation on its January Action Plan, which was designed to enhance cybersecurity... The post European Commission launches consultation on strengthening...
RunSafe Security, a vendor of cyberhardening technology for embedded systems across critical infrastructure, announced on Monday the launch... The post RunSafe Security launches Risk Reduction...
Online gaming has become an integral part of modern entertainment, with millions of players connecting from all over…
Malicious actors are using SourceForge to distribute a miner and the ClipBanker Trojan while utilizing unconventional persistence techniques.
Google has shipped patches for 62 vulnerabilities, two of which it said have been exploited in the wild. The two high-severity vulnerabilities are listed below - CVE-2024-53150 (CVSS score: 7.8) -...
The British government has launched a new code of practice designed to boost corporate cyber governance
With the just-In-time (JIT) access control method, privileges are granted temporarily on an as-needed basis. This reduces static entitlements, lowering the risk of compromised accounts and...
Corporate data breaches are a gateway to identity fraud, but they’re not the only one. Here’s a lowdown on how your personal data could be stolen – and how to make sure it isn’t.
More than 100 companies publicly reported cyberattacks. Two of them announced their insolvency after the incident. In two other cases, two ransomware gangs simultaneously claimed responsibility...
SecGemini is free, but its access will initially be limited to a select group of organizations that will test the model in their own cybersecurity work. The post Google hopes its experimental AI...
Hackers infiltrated the Office of the Comptroller of the Currency (OCC) and monitored email accounts of approximately 103 bank regulators for over a year, accessing around 150,000 sensitive...
A new Neptune RAT variant is being shared via YouTube and Telegram, targeting Windows users to steal passwords and deliver additional malware components.
Economic turmoil often results in downsizing or layoffs. When not managed correctly, this can open the company to a myriad of insider threats and unacceptable risk.
Serbian security services exploited one of the actively exploited vulnerabilities to break into the phone of a youth activist in Serbia, according to Amnesty International. The post Google...
Serbian security services exploited one of the actively exploited vulnerabilities to break into the phone of a youth activist in Serbia, according to Amnesty International. The post Google...
The 21 signatories support a number of steps, such as banning vendors who behave illegally, in a document agreed to last week in Paris. The post Voluntary ‘Pall Mall Process’ seeks to curb spyware...
Sec-Gemini v1 has access to real-time cybersecurity data from trusted sources including Google Threat Intelligence, Mandiant’s attack reports, and the Open Source Vulnerabilities database.
Cybersecurity agencies from Australia, Canada, New Zealand, and the United States have published a joint advisory about the risks associated with a technique called fast flux that has been adopted...