Malware & Threats
Akamai warns that a Chinese threat actor is exploiting years-old remote code execution vulnerabilities in ThinkPHP in new attacks.
Hi, what are you looking for?
SecurityWeek
Cybercrime
Zimperium warns that threat actors have stolen the information of tens of thousands of Android users in India using over 1,000 malicious applications.
Malware & Threats
Russian threat groups have been observed exploiting a zero-day vulnerability in 7-Zip against Ukrainian entities.
Malware & Threats
Nearly two dozen new macOS malware families were observed in 2024, including stealers, backdoors, downloaders and ransomware.
Malware & Threats
Python developers looking to integrate DeepSeek into their projects were targeted with malicious packages delivered through PyPI.
Fraud & Identity Theft
Vietnamese cybercrime gang shifts from credit card-skimming to exploiting at least two zero-day vulnerabilities enterprise software product.
Malware & Threats
A threat actor has infected Casio UK’s website with a web skimmer on all pages, except the typical checkout page.
Malware & Threats
Google and Microsoft warn of elevated risks of cyber threats facing the 2024 Paris Olympics, especially from Russian threat actors.
Malware & Threats
Multiple Chinese state-sponsored groups have targeted a Southeast Asian government in a years-long cyberespionage campaign.
Malware & Threats
Cybersecurity researchers are demonstrating how malware could steal data collected by the new Windows Recall feature.
Malware & Threats
CISA has added an old Oracle WebLogic flaw tracked as CVE-2017-3506 to its known exploited vulnerabilities catalog.
Malware & Threats
Law enforcement reveals the identities of eight cybercriminals linked to recently disrupted malware loaders.
Malware & Threats
PoC code targeting a recent Check Point VPN zero-day has been released as Censys identifies 14,000 internet-accessible appliances.
Malware & Threats
Over 600,000 SOHO routers belonging to a single ISP and infected with the Chalubo trojan were rendered inoperable.
Malware & Threats
Malicious campaign exploits high-severity XSS flaws in three WordPress plugins to backdoor websites.
Malware & Threats
The TrickBot botnet and other malware droppers have been targeted by international law enforcement in Operation Endgame.
Malware & Threats
Okta raises the alarm on credential stuffing attacks targeting endpoints used for cross-origin authentication.
Malware & Threats
The US announced that the 911 S5 (Cloud Router) botnet, likely the world’s largest, has been dismantled and its administrator arrested.
Artificial Intelligence
A bipartisan duo in the the U.S. House is proposing legislation to ban the Chinese artificial intelligence app DeepSeek from federal devices.
Hacker Conversations
Vulnerabilities
Mobile & Wireless
Data Protection
Management & Strategy
Noteworthy stories that might have slipped under the radar: NanoLock Security ceases operations, NSO publishes transparency report, cybersecurity salaries data.
Cybercrime
