Cybersecurity researchers have uncovered two malicious extensions in the Visual Studio Code (VSCode) Marketplace that are designed to deploy ransomware that's under development to its users. The...
Google has admitted a technical issue caused timeline data to vanish. But you might be able to get yours back. Here's how.
If given the choice, most users are likely to favor a seamless experience over complex security measures, as they don’t prioritize strong password security. However, balancing security and...
Ukraine’s national railway company has suffered a “large-scale” cyber-attack, disrupting online services and operations
California-based genetic testing provider 23andMe has filed for Chapter 11 bankruptcy and plans to sell its assets following years of financial struggles [...]
A new multi-platform ransomware-as-a-service (RaaS) operation named VanHelsing has emerged, targeting Windows, Linux, BSD, ARM, and ESXi systems. [...]
Hot on the heels of the disclosure of CVE-2025-24813, a newly uncovered RCE vulnerability in Apache Tomcat—actively exploited just 30 hours after its public disclosure and PoC release—another...
Ukrzaliznytsia, Ukraine’s state-owned railway operator, has been hit by a cyberattack that disrupted online ticket sales.
Authorities in seven African countries have arrested 306 suspects and seized 1842 devices in Operation Red Card
How intuitive, low-cost ransomware-as-a-service platforms are ushering in a new generation of threat actors
Overview In recent years, ransomware attacks have been increasing worldwide, with Korean companies also experiencing a rise in cases. Especially since 2023, there has been a sharp surge in...
A critical security flaw has been disclosed in the Next.js React framework that could be potentially exploited to bypass authorization checks under certain conditions. The vulnerability, tracked...
Ukrzaliznytsia, Ukraine's national railway operator, has been hit by a massive cyberattack that disrupted online services for buying tickets both through mobile apps and the website. [...]
Many Internet service providers (ISPs) worldwide are alerting customers of an outage that started Saturday night and triggered DrayTek router connectivity problems. [...]
A China-linked advanced threat group named Weaver Ant spent more than four years in the network of a telecommunications services provider, hiding traffic and infrastructure with the help of...
The concept of “principle of least privilege” has been around for a long time. In fact, it is older than me; there are papers from the 70s that discuss it:
The Australian government reinforced its dedication to safeguarding the nation’s cyber environment and critical infrastructure by declaring an... The post Australia expands cybersecurity coverage...
African law enforcement authorities have arrested 306 suspects as part of 'Operation Red Card,' an INTERPOL-led international crackdown targeting cross-border cybercriminal networks. [...]
A critical severity vulnerability has been discovered in the Next.js open-source web development framework, potentially allowing attackers to bypass authorization checks. [...]
As 23andMe's bankruptcy looms, privacy experts warn customers to delete their DNA data.
For the latest discoveries in cyber research for the week of 24th March, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Municipalities in four US states experienced...
Following a social media post last week on the active planning of a coordinated, multi-city terrorist attack on... The post FBI, healthcare agencies warn of credible threat against hospitals,...
Non-profit organization MITRE and NVIDIA are collaborating on simulation tools to better design and optimize quantum imaging systems.... The post MITRE and NVIDIA join forces to revolutionize...
Darktrace Federal announced that it has achieved its Federal Risk and Authorization Management Program (FedRAMP) High Agency Authority... The post Darktrace Federal secures FedRAMP High Authority...
The European Standardisation Organisations (ESOs) CEN, CENELEC, ETSI, together with ENISA, the EU Agency for Cybersecurity, co-hosted the... The post EU cybersecurity legislation takes center...
CERT Polska has received a report about 2 vulnerabilities (CVE-2024-8773 and CVE-2024-8774) found in SIMPLE.ERP software.
The SANS Technology Institute has issued a critical warning for organizations using Cisco's Smart Licensing Utility (CSLU), urging them to update their systems immediately to address two serious...
Two years after a data breach that compromised almost seven million customers, 23andMe's CEO has resigned as the company files for bankruptcy
Cloak ransomware group claims attack on Virginia attorney general's office, demands ransom for stolen data. Investigation underway. Find out the impact and what's being done.
South Africa-listed poultry producer Astral Foods (ARLJ.J) has reported a cybersecurity incident that disrupted its operations and is expected to affect its profits by approximately 20 million...