Canon Marketing Japan Inc. and Canon Inc. have issued an important security update regarding a vulnerability in certain printer drivers. This Canon vulnerability, identified as CVE-2025-1268,...
World Backup Day, observed annually on March 31, serves as a reminder of the importance of protecting data against cyber threats, accidental deletions, and technical failures. Despite growing...
The Moscow Metro website and mobile application experienced disruptions on March 31, 2023. The Moscow subway app users reported various malfunctions, including issues loading personal accounts and...
Hacker claims breach of Israeli cybersecurity firm Check Point, offering network access and sensitive data for sale; company denies any recent incident.
The threat actors behind the zero-day exploitation of a recently-patched security vulnerability in Microsoft Windows have been found to deliver two new backdoors called SilentPrism and DarkWisp....
The prominent hacker Aubrey Cottle is accused of hacking into a third-party hosting company for the websites for the Texas Republican Party and the Texas Right to Life anti-abortion group.
The transportation vertical is rapidly growing, yet it is often overlooked by MSPs. See why MSPs should pay attention to transportation cybersecurity in this post.
Xiaofeng Wang, a longtime computer science professor at Indiana University, has disappeared along with his wife, and their profiles on the school's website were wiped ahead of recent FBI raids.
Aubrey Cottle allegedly gained access to the Texas GOP’s website through a breach of its hosting provider. The post DOJ charges hacker for 2021 Texas GOP website defacement appeared first on CyberScoop.
The U.S. Cybersecurity and Information Security Agency (CISA) has issued an advisory detailing a new malware variant detected in attacks on an Ivanti vulnerability. The CISA advisory says the...
VMware Workstation users report that the software's automatic update functionality is broken after Broadcom redirected the download URL to its generic support page, triggering certificate errors. [...]
Oracle has denied at least one breach, despite evidence to the contrary, as it begins notifying healthcare customers of a separate patient data breach.
OpenAI has confirmed that its powerful AI agent "Deep Research" will begin rolling out to free users "very soon." At the moment, Deep Research is available only for Plus and Enterprise customers. [...]
Threat actors are using the "mu-plugins" directory in WordPress sites to conceal malicious code with the goal of maintaining persistent remote access and redirecting site visitors to bogus sites....
The ECCC Governing Board adopted its first Cybersecurity Work Programme under Digital Europe Programme (DEP) for 2025-2027. Priorities... The post ECCC announces cybersecurity work programme to...
The non-profit professional association International Society of Automation (ISA) has announced a new way for its members to... The post ISA launches Connect Forum, a new hub for automation...
Nokia announced that Nozomi Networks is among six new Industry 4.0 applications that customers can deploy on the... The post Nozomi, Nokia unify OT, IoT security for industries powered by private...
The API testing firm took down a database exposed to the internet without a password.
Every week, someone somewhere slips up—and threat actors slip in. A misconfigured setting, an overlooked vulnerability, or a too-convenient cloud tool becomes the perfect entry point. But what...
If you're using AWS, it's easy to assume your cloud security is handled - but that's a dangerous misconception. AWS secures its own infrastructure, but security within a cloud environment remains...
Microsoft used its AI-powered Security Copilot to discover 20 previously unknown vulnerabilities in the GRUB2, U-Boot, and Barebox open-source bootloaders. [...]
CISA recommends immediate action to address malware variant RESURGE exploiting Ivanti vulnerability CVE-2025-0282
The yearslong scheme goes much deeper than contract work, extending to roles beyond traditional IT and sometimes granting the insider threat “keys to the kingdom,” DTEX President Mohan Koo said....
The yearslong scheme goes much deeper than contract work, extending to roles beyond traditional IT and sometimes granting the insider threat “keys to the kingdom,” DTEX President Mohan Koo said....
A new report from the Cyberspace Solarium Commission reveals that U.S. adversaries are aware that targeting critical infrastructure... The post Cyber threats to rail, ports, airports could cripple...
Cloud environments at risk: Attackers target weak PostgreSQL instances with fileless cryptominer payloads.
Entities in Ukraine have been targeted as part of a phishing campaign designed to distribute a remote access trojan called Remcos RAT. "The file names use Russian words related to the movement of...
New “ClickFake Interview” campaign attributed to the Lazarus Group targets crypto professionals with fake job offers
A phishing-as-a-service (PhaaS) platform named 'Lucid' has been targeting 169 entities in 88 countries using well-crafted messages sent on iMessage (iOS) and RCS (Android). [...]
Cyble researchers have discovered a new Android banking trojan that uses overlay attacks and other techniques to target more than 750 applications, including banking, finance, cryptocurrency,...