Cybercrime
The sophisticated supply chain attack that resulted in millions of users downloading a backdoored version of the popular CCleaner PC software utility was the work of...
Hi, what are you looking for?
SecurityWeek
Cybercrime
Groups like ShinyHunters are demonstrating that attackers do not necessarily need malware or zero-day exploits to cause massive damage.
Cybercrime
Oleksii Oleksiyovych Lytvynenko admitted to working on the development of a loader for the Conti gang.
Cybercrime
Oracle has mitigated CVE-2026-35273, but it has not publicly confirmed the vulnerability’s in-the-wild exploitation.
Cybercrime
Researchers say the OnyxC2 malware targets more than 200 applications and extensions while evading detection through encrypted payloads, DLL sideloading, and in-memory execution techniques.
Cybercrime
Hundreds of servers have been infected with Monero mining malware after miscreants managed to exploit a vulnerability in Microsoft IIS 6.0, ESET warns.
Cybercrime
The Electronic Frontier Foundation (EFF) revealed on Wednesday that employees of Internet freedom NGOs “Free Press” and “Fight for the Future” have been targeted...
Cybercrime
Whole Foods Market, the supermarket chain acquired recently by Amazon for $13.7 billion, informed customers this week that it has launched an investigation after...
Cybercrime
A recently detected espionage campaign is delivered via malicious emails, but maintains presence on compromised machines by using scripts instead of a binary payload,...
Cybercrime
Kaspersky said it had detected roughly 18,000 malware samples belonging to more than 2,500 families on industrial control systems (ICS) in the first half...
Cybercrime
The infamous FIN7 hacking group has been distributing malware through a LNK file embedded in a Word document via the Object Linking and Embedding...
Cybercrime
While critical infrastructure has been targeted by sophisticated threat actors, attacks that rely on commonly available and easy-to-use tools are more likely to occur,...
Cybercrime
Police investigations have pointed to North Korea as responsible for recent attempts to hack South Korea's virtual currency exchanges, a report said Wednesday.
Cybercrime
Sonic Drive-In, a fast food restaurant chain with more than 3,500 locations across the United States, has apparently suffered a data breach that may...
Cybercrime
Cyber criminals are increasingly accessing ATM machines through the banks' networks, with squads of money mules standing by ready to pick up the stolen...
Cybercrime
A backup of a database containing information on Windows systems compromised via a maliciously modified version of the CCleaner software utility has provided investigators...
Cybercrime
The US Securities and Exchange Commission has announced it is setting up a special unit dedicated to identifying cyber-related misconduct.
Cybercrime
Newly observed Retefe banking Trojan samples have implemented the National Security Agency-related EternalBlue exploit, Proofpoint security researchers have discovered.
Cybercrime
Oracle has released patches for many of its products to address several vulnerabilities in the Apache Struts 2 framework, including one that has been...
Cybercrime
Locky ransomware, the infamous threat that dominated malware charts in 2016, is being aggressively distributed in a series of spam runs that have been...
Cybercrime
A database that allowed hackers to monitor systems infected through a maliciously modified CCleaner installer was erased on September 12, Avast has discovered.
Cybercrime
A recently disclosed breach at Avast-owned Piriform, makers of the popular software utility CCleaner, was a highly targeted attack performed by a sophisticated actor, Avast and...
Today’s attackers are no longer breaking in — they’re logging in. Join this live webinar as we break down the modern identity attack chain and examine how recent breaches exploited weaknesses in authentication, identity verification, and access management processes.
RegisterAI has accelerated both sides of the fight. Adversaries are weaponizing vulnerabilities faster, while defenders are racing to ship detections and configurations. Join this live webinar as we explore how to prove your controls actually hold against new threats, map your security maturity, and unite breach simulation with automated pentesting into a single, coordinated program.
RegisterExpert Insights
Groups like ShinyHunters are demonstrating that attackers do not necessarily need malware or zero-day exploits to cause massive damage.
(Torsten George)
Four decades of incident response experience suggest that exploits are often the symptom, not the root cause, of today’s cybersecurity failures.
(Tod Beardsley)
Security teams need more than visibility into AI applications, they need a repeatable framework for monitoring, investigating, and defending them in production.
(Joshua Goldfarb)
AI-driven development is not something organizations can or should block. But it must be governed.
(Danelle Au)
AI can help attackers generate malware, create malicious payloads, bypass simple security checks, and convert vague malicious intent into functional code.
(Etay Maor)