Three vulnerabilities discovered in the open-source PHP package Voyager for managing Laravel applications could be used for remote code execution attacks. [...]
Cybercriminals exploit government websites using open redirects and phishing tactics, bypassing secure email gateway protections
Rapid advancements in artificial intelligence (AI) are unlocking new possibilities for the way we work and accelerating innovation in science, technology, and beyond. In cybersecurity, AI is...
Microsoft is investigating an ongoing outage preventing users and admins from accessing some Microsoft 365 services and the admin center. [...]
U.K.-based engineering giant Smiths Group has confirmed a cybersecurity incident involving “unauthorized access” to its systems. The London-listed company, which operates across multiple sectors...
Rwandan-backed rebels M23 are continuing to consolidate their control over Goma after taking control of the city’s international airport and border crossing. Fighting between M23 and the Congolese...
Penetration testing is vital in keeping an organization’s digital assets secure. Here are the top picks among the latest pen testing tools and software.
Artificial Intelligence (AI) represents one of the most transformative technologies since the introduction of the internet. Enterprises are increasingly acknowledging that AI is no longer a...
Posted by Bethel Otuteye and Khawaja Shams (Android Security and Privacy Team), and Ron Aquino (Play Trust and Safety) Android and Google Play comprise a vibrant ecosystem with billions of users...
Financially motivated hackers are behind an ongoing malicious campaign targeting Poland and Germany. These phishing attacks aim to deploy multiple payloads, including Agent Tesla, Snake Keylogger,...
The FBI has seized the domains for the infamous Cracked.io and Nulled.to hacking forums, which are known for their focus on cybercrime, password theft, cracking, and credential stuffing attacks. [...]
The FBI has seized the domains for the infamous Cracked.io and Nulled.to hacking forums, which are known for their focus on cybercrime, password theft, cracking, and credential stuffing attacks. [...]
Government agencies and privacy watchdogs have started investigating the Chinese AI chatbot provider over data privacy concerns
Atomwaffen Division cofounder and alleged Terrorgram Collective member Brandon Russell is facing a potential life sentence for an alleged plot on a Baltimore electrical station. His case is only...
Windows 11's Start menu is getting a big update with full-fledged Android and iPhone integration. [...]
Authored by Anuradha, Sakshi Jaiswal In 2024, scams in India have continued to evolve, leveraging sophisticated methods and technology to... The post Rising Scams in India: Building Awareness and...
The advanced persistent threat (APT) group known as UAC-0063 has been observed leveraging legitimate documents obtained by infiltrating one victim to attack another target with the goal of...
Broadcom has alerted of a high-severity security flaw in VMware Avi Load Balancer that could be weaponized by malicious actors to gain entrenched database access. The vulnerability, tracked as...
Cybersecurity researchers are warning that a critical zero-day vulnerability impacting Zyxel CPE Series devices is seeing active exploitation attempts in the wild. "Attackers can leverage this...
ReliaQuest warns threat actor innovation and infostealer activity helped to accelerate breakout time by 22% in 2024
Kaspersky ICS CERT analyzes industrial threat trends and makes forecasts on how the industrial threat landscape will look in 2025.
Kaspersky ICS CERT analyzes industrial threat trends and makes forecasts on how the industrial threat landscape will look in 2025.
As GenAI tools and SaaS platforms become a staple component in the employee toolkit, the risks associated with data exposure, identity vulnerabilities, and unmonitored browsing behavior have...
Hackers are exploiting a critical command injection vulnerability in Zyxel CPE Series devices that is currently tracked as CVE-2024-40891 and remains unpatched since last July. [...]
The National Audit Office warns of major gaps in cyber resilience across UK government departments
Microsoft has started force-installing the new Outlook email client on Windows 10 systems for users who deploy this month's KB5050081 non-security preview update. [...]
2025-01-29 • Google • Conor Quigley, Luke Jenkins, Nino Isakovic • win.shadowpad Open article on Malpedia
The renowned physicist explores how time and entropy shape the evolution of the universe, the nature of existence, and the eventual fate of everything, including humanity
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) released six industrial control systems (ICS) advisories and updated an... The post CISA flags hardware vulnerabilities in ICS and...
CI-ISAC Australia, a not-for-profit organization focused on cybersecurity and operating on a membership model, has appointed David Gee... The post David Gee appointed as ambassador for CI-ISAC...