An Indian disaster-relief flight delivering aid is the latest air-traffic incident, as attacks increase in the Middle East and Myanmar and along the India-Pakistan border. […]
Lotus Panda Hacks SE Asian Governments With Browser Stealers and Sideloaded Malware
The China-linked cyber espionage group tracked as Lotus Panda has…
Whistleblower: DOGE Siphoned NLRB Case Data
A security architect with the National Labor Relations Board (NLRB)…
‘Fog’ Hackers Troll Victims With DOGE Ransom Notes
Since January, threat actors distributing the malware have notched up…
‘Elusive Comet’ Attackers Use Zoom to Swindle Victims
The threat actor uses sophisticated social engineering techniques to infect…
Nation-State Threats Put SMBs in Their Sights
Cyberthreat groups increasingly see small and medium-sized businesses, especially those…
Chinese Smishing Kit Powers Widespread Toll Fraud Campaign Targeting U.S. Users in 8 States
Cybersecurity researchers are warning of a "widespread and ongoing" SMS phishing campaign that's been targeting toll road users in the United States for financial theft since mid-October 2024. "The toll road smishing attacks are being carried out by multiple financially motivated threat actors using the smishing kit developed by 'Wang Duo Yu,'" Cisco Talos researchers Azim Khodjibaev, Chetan The original article found on The Hacker News Read More
Lotus Panda Hacks SE Asian Governments With Browser Stealers and Sideloaded Malware
The China-linked cyber espionage group tracked as Lotus Panda has…
Whistleblower: DOGE Siphoned NLRB Case Data
A security architect with the National Labor Relations Board (NLRB)…
‘Fog’ Hackers Troll Victims With DOGE Ransom Notes
Since January, threat actors distributing the malware have notched up…
‘Elusive Comet’ Attackers Use Zoom to Swindle Victims
The threat actor uses sophisticated social engineering techniques to infect…
Nation-State Threats Put SMBs in Their Sights
Cyberthreat groups increasingly see small and medium-sized businesses, especially those…
Apple Zero-Days Under ‘Sophisticated Attack,’ but Details Lacking
The technology giant said two zero-day vulnerabilities were used in…
Uncategorized
Creating a Robust Vendor Risk Management Program for Hotels and Retailers
In the fast-paced hospitality and retail world, managing vendor relationships…
Gootloader Malware Attacking Users Via Google Search Ads Using Weaponized Documents
The notorious Gootloader malware has reemerged with evolved tactics, now…
Dangerous, Windows-Hijacking Neptune RAT Scurries Into Telegram, YouTube
The malware's creators insist a new open source version of…
IBM Aspera Faspex Flaw Allows Injection of Malicious JavaScript in Web UI
A significant security vulnerability has been identified in IBM Aspera…
China-Linked Hackers Lay Brickstorm Backdoors on Euro Networks
Researchers discovered new variants of the malware, which is tied to a China-nexus threat group, targeting Windows environments of critical infrastructure networks in Europe. The […]
Multiple Groups Exploit NTLM Flaw in Microsoft Windows
The attacks have been going on since shortly after Microsoft patched the vulnerability in March. The original article found on darkreading Read More
2 Apple Zero-Day Vulnerabilities Actively Exploited in “Extremely” Sophisticated iOS Attacks
Apple has urgently rolled out iOS 18.4.1 and iPadOS 18.4.1 to patch two zero-day vulnerabilities that were actively exploited in “extremely sophisticated” attacks aimed at […]
Ransomware gang ‘CrazyHunter’ Targets Critical Taiwanese Orgs
Trend Micro researchers detailed an emerging ransomware campaign by a new group known as “CrazyHunter” that is targeting critical sectors in Taiwan. The original article […]
Windows Task Scheduler Vulnerabilities Allow Attackers Gain Admin Account Control
New vulnerabilities in Windows Task Scheduler’s schtasks.exe let attackers bypass UAC, alter metadata, modify event logs, and evade detection. These actions map to MITRE ATT&CK […]
CISA Extend Funding to MITRE to Keep CVE Program Running
The Cybersecurity and Infrastructure Security Agency (CISA) has extended funding to the MITRE Corporation, ensuring the continued operation of the Common Vulnerabilities and Exposures (CVE) […]
Experts Uncover Four New Privilege Escalation Flaws in Windows Task Scheduler
Cybersecurity researchers have detailed four different vulnerabilities in a core component of the Windows task scheduling service that could be exploited by local attackers to […]
Server-Side Phishing Attacks Target Employee and Member Portals to Steal Login Credentials
Attackers have been deploying server-side phishing schemes to compromise employee and member login portals across various enterprises. This strategic shift to server-side operations is designed […]
Windows NTLM Vulnerability (CVE-2025-24054) Actively Exploit in the Wild to Hack Systems
A critical vulnerability in Microsoft Windows, identified as CVE-2025-24054, has been actively exploited in the wild since March 19, 2025, targets organizations worldwide. The flaw, […]