Malware & Threats
Russian military intelligence hackers intensify targeting of Western logistics and technology companies moving supplies into Ukraine.
Hi, what are you looking for?
SecurityWeek
Malware & Threats
CISA warns companies of a widespread campaign targeting a Commvault vulnerability to hack Azure environments.
Malware & Threats
A Chinese threat actor exploited a zero-day vulnerability in Trimble Cityworks to hack local government entities in the US.
Malware & Threats
The DanaBot botnet ensnared over 300,000 devices and caused more than $50 million in damages before being disrupted.
Malware & Threats
A Chinese espionage group has been chaining two recent Ivanti EPMM vulnerabilities in attacks against organizations in multiple critical sectors.
Malware & Threats
Redmond’s threat hunters found 394,000 Windows systems talking to Lumma controllers, a victim pool that included global manufacturers.
Malware & Threats
Procolored’s public website served dozens of software downloads containing information stealer malware and a backdoor.
Malware & Threats
Two ransomware groups and several Chinese APTs have been exploiting two recent SAP NetWeaver vulnerabilities.
Malware & Threats
Google bundles multiple safeguards under a single Android toggle to protect high-risk users from advanced mobile malware implants.
Malware & Threats
Patch Tuesday: Microsoft patches at least 70 security bugs and flagged five zero-days in the “exploitation detected” category.
Malware & Threats
Supply chain attack compromises the popular rand-user-agent NPM package to deploy and activate a backdoor.
Malware & Threats
Three NPM packages posing as developer tools for Cursor AI code editor’s macOS version contain a backdoor.
Malware & Threats
Russia-linked APT Star Blizzard is using the ClickFix technique in recent attacks distributing the LostKeys malware.
Malware & Threats
Meta has won its WhatsApp hacking lawsuit against Israeli spyware company NSO Group in an “important step forward for privacy and security”.
Malware & Threats
Noteworthy stories that might have slipped under the radar: NullPoint Stealer source code leaked, researcher earns $17,500 from Apple for vulnerability, BreachForums down after...
Malware & Threats
ESET has analyzed Spellbinder, the IPv6 SLAAC spoofing tool Chinese APT TheWizards uses to deploy its WizardNet backdoor.
Data Breaches
The latest Verizon DBIR landed this week with a startling statistic about the security posture of VPNs and network edge devices.
Malware & Threats
Security researchers detail various malware campaigns that use bulletproof services linked to Proton66 ASN.
Fraud & Identity Theft
North Korean cryptocurrency thieves abusing Zoom Remote collaboration feature to target cryptocurrency traders with malware.
Malware & Threats
Windows versions of the BrickStorm backdoor that the Chinese APT used in the MITRE hack last year have been active for years.
Join this event as we dive into threat hunting tools and frameworks, and explore value of threat intelligence data in the defender’s security stack.
RegisterLearn how integrating BAS and Automated Penetration Testing empowers security teams to quickly identify and validate threats, enabling prompt response and remediation.
RegisterExpert Insights
In the end, cybersecurity isn’t just about collecting data. It’s about proving that your defenses actually work.
(Torsten George)
Despite massive investment, the explosion of sophisticated malware and deepfake attacks persists because organizations struggle to verify digital identities and establish fundamental trust.
(Stu Sjouwerman)
Trying to block AI tools outright is a losing strategy. SaaS and AI are increasingly inseparable, and AI isn’t limited to tools like ChatGPT or Copilot anymore.
(Alastair Paterson)
CTI, digital brand protection and other cyber risk initiatives shouldn’t only be utilized by security and cyber teams.
(Marc Solomon)
Sightline Security’s founder explains why nonprofits need cybersecurity solutions tailored to their unique missions — and why vendors need to listen.
(Jennifer Leggio)