A leaked internal memo dated April 15, 2025, has sent shockwaves through the cybersecurity community, revealing that MITRE’s contract to operate the Common Vulnerabilities and […]
Zambia’s Updated Cyber Laws Prompt Surveillance Warnings
Critics — which include the US embassy in Zambia —…
Verizon: Edge Bugs Soar, Ransoms Lag, SMBs Bedeviled
The cybersecurity landscape confounded expectations in 2024, as anticipated threats…
Microsoft Purges Millions of Cloud Tenants in Wake of Storm-0558
The tech giant is boosting Entra ID and MSA security…
City of Abilene Goes Offline in Wake of Cyberattack
The Texas municipality is following its incident response playbook as…
3 More Healthcare Orgs Hit by Ransomware Attacks
Dialysis firm DaVita, Wisconsin-based Bell Ambulance, and Alabama Ophthalmology Associates…
Chinese Smishing Kit Powers Widespread Toll Fraud Campaign Targeting U.S. Users in 8 States
Cybersecurity researchers are warning of a "widespread and ongoing" SMS phishing campaign that's been targeting toll road users in the United States for financial theft since mid-October 2024. "The toll road smishing attacks are being carried out by multiple financially motivated threat actors using the smishing kit developed by 'Wang Duo Yu,'" Cisco Talos researchers Azim Khodjibaev, Chetan The original article found on The Hacker News Read More
Verizon: Edge Bugs Soar, Ransoms Lag, SMBs Bedeviled
The cybersecurity landscape confounded expectations in 2024, as anticipated threats…
Zambia’s Updated Cyber Laws Prompt Surveillance Warnings
Critics — which include the US embassy in Zambia —…
Microsoft Purges Millions of Cloud Tenants in Wake of Storm-0558
The tech giant is boosting Entra ID and MSA security…
3 More Healthcare Orgs Hit by Ransomware Attacks
Dialysis firm DaVita, Wisconsin-based Bell Ambulance, and Alabama Ophthalmology Associates…
City of Abilene Goes Offline in Wake of Cyberattack
The Texas municipality is following its incident response playbook as…
‘Elusive Comet’ Attackers Use Zoom to Swindle Victims
The threat actor uses sophisticated social engineering techniques to infect…
WhatsApp Vulnerability Let Attackers Execute Malicious Code Via Attachments
A critical vulnerability in WhatsApp for Windows that could allow…
Multiple Groups Exploit NTLM Flaw in Microsoft Windows
The attacks have been going on since shortly after Microsoft…
Microsoft Secures MSA Signing with Azure Confidential VMs Following Storm-0558 Breach
Microsoft on Monday announced that it has moved the Microsoft…
AWWA Supports Introduction of Collaborative Cybersecurity Legislation
Post Content The original article found on darkreading Read More
Funding Expires for Key Cyber Vulnerability Database
A critical resource that cybersecurity professionals worldwide rely on to identify, mitigate and fix security vulnerabilities in software and hardware is in danger of breaking […]
AI-Powered Presentation Tool Leveraged in Phishing Attacks
Researchers at Abnormal Security said threat actors are using a legitimate presentation and graphic design tool named “Gamma” in phishing attacks. The original article found […]
With AI’s Help, Bad Bots Are Taking Over the Web
Bad bots are becoming increasingly difficult to detect as they more easily mimic human behaviors and utilize evasion techniques, researchers say. The original article found […]
Max Severity Bug in Apache Roller Enabled Persistent Access
The remediated flaw gave adversaries a way to maintain access to the app through password resets. The original article found on darkreading Read More
Hertz Falls Victim to Cleo Zero-Day Attacks
Customer data such as birth dates, credit card numbers and driver’s license information were stolen when threat actors exploited zero-day vulnerabilities in Cleo-managed file transfer […]
Wave of Wine-Inspired Phishing Attacks Targets EU Diplomats
Russia-backed APT29’s latest campaign once again uses malicious invites to wine-tasting events as its lure, but this time targets a different set of vintages — […]
Malicious PyPI Package Targets MEXC Trading API to Steal Credentials and Redirect Orders
Cybersecurity researchers have disclosed a malicious package uploaded to the Python Package Index (PyPI) repository that’s designed to reroute trading orders placed on the MEXC […]
Microsoft Teams File Sharing Unavailable Due to Unexpected Outage
Microsoft Teams users across the globe are experiencing significant disruptions in file-sharing capabilities due to an unexpected outage, impacting workplace communication and collaboration. A wave […]
Majority of Browser Extensions Can Access Sensitive Enterprise Data, New Report Finds
Everybody knows browser extensions are embedded into nearly every user’s daily workflow, from spell checkers to GenAI tools. What most IT and security people don’t […]