French fintech leader Harvest SAS has become the latest high-profile victim of a sophisticated ransomware attack, culminating this week in the public release of a trove of […]
‘Elusive Comet’ Attackers Use Zoom to Swindle Victims
The threat actor uses sophisticated social engineering techniques to infect…
Nation-State Threats Put SMBs in Their Sights
Cyberthreat groups increasingly see small and medium-sized businesses, especially those…
Infostealer Attacks Surge 84% Weekly Through Phishing Emails
The volume of infostealer malware distributed through phishing emails has…
North Korean IT Workers Use Real-Time Deepfakes to Infiltrate Organizations Through Remote Jobs
A division of Palo Alto Networks, have revealed a sophisticated…
Can Cybersecurity Weather the Current Economic Chaos?
Cybersecurity firms tend to be more software- and service-oriented than…
Chinese Smishing Kit Powers Widespread Toll Fraud Campaign Targeting U.S. Users in 8 States
Cybersecurity researchers are warning of a "widespread and ongoing" SMS phishing campaign that's been targeting toll road users in the United States for financial theft since mid-October 2024. "The toll road smishing attacks are being carried out by multiple financially motivated threat actors using the smishing kit developed by 'Wang Duo Yu,'" Cisco Talos researchers Azim Khodjibaev, Chetan ​The original article found on The Hacker News Read More
‘Elusive Comet’ Attackers Use Zoom to Swindle Victims
The threat actor uses sophisticated social engineering techniques to infect…
Nation-State Threats Put SMBs in Their Sights
Cyberthreat groups increasingly see small and medium-sized businesses, especially those…
Nation-State Threats Put SMBs in Their Sights
Cyberthreat groups increasingly see small and medium businesses, especially those…
Kimsuky Exploits BlueKeep RDP Vulnerability to Breach Systems in South Korea and Japan
Cybersecurity researchers have flagged a new malicious campaign related to…
Akira Ransomware Launches New Cyberattacks Using Stolen Credentials and Public Tools
The Akira ransomware group has intensified its operations, targeting over…
Hackers Leveraging x86-64 Binaries on Apple Silicon to Deploy macOS Malware
Advanced threat actors increasingly leverage x86-64 binaries and Apple’s Rosetta…
Critical Ingress NGINX Controller Vulnerability Allows RCE Without Authentication
A set of five critical security shortcomings have been disclosed…
Windows Active Directory Domain Vulnerability Let Attackers Escalate Privileges
Microsoft has disclosed a significant security vulnerability in Active Directory…
DeepSeek Generating Fully Working Keyloggers & Data Exfiltration Tools
Security researchers at Unit 42 have successfully prompted DeepSeek, a…
OpenAI Operator Agent Used in Proof-of-Concept Phishing Attack
Researchers from Symantec showed how OpenAI's Operator agent, currently in…
Node.js Malware Campaign Targets Crypto Users with Fake Binance and TradingView Installers
Microsoft is calling attention to an ongoing malvertising campaign that makes use of Node.js to deliver malicious payloads capable of information theft and data exfiltration. […]
Critical Erlang/OTP SSH Vulnerability (CVSS 10.0) Allows Unauthenticated Code Execution
A critical security vulnerability has been disclosed in the Erlang/Open Telecom Platform (OTP) SSH implementation that could permit an attacker to execute arbitrary code sans […]
Chinese Hacker Group Mustang Panda Bypass EDR Detection With New Hacking Tools
The China-sponsored hacking group, Mustang Panda, has been uncovered by Zscaler ThreatLabz to employ new techniques and tools, including the updated backdoor ToneShell and a […]
CISA Warns of Potential Credential Exploits Linked to Oracle Cloud Hack
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a public warning following reports of possible unauthorized access to a legacy Oracle Cloud environment. While […]
Critical Flaw in PHP’s extract() Function Enables Arbitrary Code Execution
A critical vulnerability in PHP’s extract() function has been uncovered, enabling attackers to execute arbitrary code by exploiting memory corruption flaws. The issue affects PHP versions 5.x, […]
Intel Sells 51% Stake in Altera to Silver Lake in $8.75 Billion Deal
Intel Corporation has announced the divestiture of a 51% stake in its Altera division to Silver Lake, valuing the programmable logic company at $8.75 billion. […]
Agent Tesla Malware Uses Multi-Stage Attacks with PowerShell Scripts
Researchers from Palo Alto Networks have uncovered a series of malicious spam campaigns leveraging the notorious Agent Tesla malware through intricate, multi-stage infection vectors. The […]
Middle East, North Africa Security Spending to Top $3B
Gartner projects IT security spending in the MENA region will continue to increase in 2025, with security services accounting for the most growth. ​The original […]
Google Removes 5.5 Billion Malicious Ads, Suspends 700,000+ Offending Advertisers
Google has announced the removal of 5.5 billion malicious advertisements and the suspension of over 700,000 offending advertiser accounts in 2024, according to its recently […]