Health Net Federal Services has agreed to pay over $11m over alleged false cybersecurity reporting
Several government departments are investigating TP-Link routers over Chinese cyberattack fears, but the company denies links.
Cisco has confirmed that a Chinese threat actor known as Salt Typhoon gained access by likely abusing a known security flaw tracked as CVE-2018-0171, and by obtaining legitimate victim login...
Cybersecurity researchers are analyzing about 200,000 messages from inside the high-profile Black Basta ransomware operation that were leaked recently.
A high-severity security flaw impacting the Craft content management system (CMS) has been added by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to its Known Exploited...
Hard on the heels of the recent disclosure of CVE-2025-0108 exploitation affecting Palo Alto Networks PAN-OS products, another critical vulnerability comes to light. Defenders identified a new...
Review this Cybersecurity Threat Advisory to learn how to mitigate your risk from two critical OpenSSH vulnerabilities.
Privilege escalation vulnerability (CVE-2024-9150) has been found in Wyn Enterprise software.
Cryptocurrency exchange Bybit revealed today that an unknown attacker stole over $1.46 billion worth of cryptocurrency from one of its ETH cold wallets. [...]
BlackBasta’s internal chatlogs are “highly useful from a threat intelligence perspective,” said Prodaft, the firm that revealed the leak
We discuss vulnerabilities in popular GenAI web products to LLM jailbreaks. Single-turn strategies remain effective, but multi-turn approaches show greater success. The post Investigating LLM...
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) warns that a Craft CMS remote code execution flaw is being exploited in attacks. [...]
Apple will no longer offer iCloud end-to-end encryption in the United Kingdom after the government requested a backdoor to access Apple customers' encrypted cloud data. [...]
Kaspersky experts analyze the Angry Likho APT group's attacks, which use obfuscated AutoIt scripts and the Lumma stealer for data theft.
Microsoft has developed the first ever quantum chip, shortening the timeframe for when quantum computers will break exiting encryption
Cyble Research and Intelligence Labs (CRIL) has uncovered a stealthy campaign that uses malicious LNK files disguised as seemingly innocent wallpapers to deliver AsyncRAT—an infamous remote access...
The Cyber Security Agency of Singapore (CSA) released on Thursday an advisory on Software Bill of Materials (SBOM)... The post CSA, OWASP urge developers to address OSS dependency risks amid...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA), in partnership with the Federal Bureau of Investigation (FBI) and... The post CISA, FBI, MS-ISAC warn of Ghost ransomware...
Check out mitigation recommendations to protect your organization against the Ghost ransomware gang. Plus, get tips on how to attract and retain top cybersecurity professionals. And get the latest...
A newly identified cybersecurity vulnerability in Medixant’s RadiAnt DICOM Viewer has raised concerns about potential security threats in the healthcare sector. The vulnerability tracked as...
A previously unknown hacking group has been spotted targeting European healthcare organizations using spyware linked to Chinese state-backed hackers and a new ransomware strain, researchers said.
Learn how to sue companies under GDPR for data misuse. Understand your rights, file complaints, and claim compensation…
2025-02-18 • Orange Cyberdefense • Alexis Bonnefoi, Marine PICHON • win.nailao_locker, win.plugx, win.shadowpad Open article on Malpedia
2025-02-19 • Natto Thoughts • Eugenio Benincasa Open article on Malpedia
2025-02-19 • CISA • CISA • win.cring Open article on Malpedia
2025-02-20 • Infrawatch • Infrawatch Research Team • win.ghostsocks, win.lumma Open article on Malpedia
2025-02-20 • Silent Push • Silent Push • win.valley_rat Open article on Malpedia
2025-02-20 • Trend Micro • Daniel Lunghi • win.evilextractor, win.plugx, win.shadowpad Open article on Malpedia
2025-02-20 • Orange Cyberdefense • Alexis Bonnefoi, Marine PICHON • win.nailao_locker Open article on Malpedia
The Chinese nation-state threat group primarily gained access to Cisco devices with legitimate login credentials, according to Cisco Talos. The post Salt Typhoon gained initial access to telecoms...