Malware & Threats
Researchers can earn as much as $450,000 for a single vulnerability report as Google boosts its mobile vulnerability rewards program.
Hi, what are you looking for?
SecurityWeek
Cybercrime
Zimperium warns that threat actors have stolen the information of tens of thousands of Android users in India using over 1,000 malicious applications.
Malware & Threats
Russian threat groups have been observed exploiting a zero-day vulnerability in 7-Zip against Ukrainian entities.
Malware & Threats
Nearly two dozen new macOS malware families were observed in 2024, including stealers, backdoors, downloaders and ransomware.
Malware & Threats
Python developers looking to integrate DeepSeek into their projects were targeted with malicious packages delivered through PyPI.
Fraud & Identity Theft
Vietnamese cybercrime gang shifts from credit card-skimming to exploiting at least two zero-day vulnerabilities enterprise software product.
Malware & Threats
A threat actor has infected Casio UK’s website with a web skimmer on all pages, except the typical checkout page.
Malware & Threats
Cuttlefish malware platform roaming around enterprise SOHO routers capable of covertly harvesting public cloud authentication data from internet traffic.
Malware & Threats
The new Wpeeper Android trojan ceased operations after a week and has zero detections in VirusTotal.
Malware & Threats
Three vulnerabilities in the Judge0 open source service could allow attackers to escape the sandbox and obtain root privileges on the host.
Artificial Intelligence
New CISA guidelines categorize AI risks into three significant types and pushes a four-part mitigation strategy.
Malware & Threats
In 2023, Google said it blocked 2.28 million bad applications from being published on Google Play and banned 333,000 developer accounts.
Data Breaches
US healthcare giant is warning millions of current and former patients that their personal information was exposed to third-party advertisers.
Malware & Threats
A new Android trojan named Brokewell can steal user’s sensitive information and allows attackers to take over devices.
Malware & Threats
More than 1,400 CrushFTP servers remain vulnerable to an actively exploited zero-day for which PoC has been published.
Malware & Threats
More than 90,000 unique IPs are still infected with a PlugX worm variant that spreads via infected flash drives.
Malware & Threats
A North Korea-linked threat actor hijacked the update mechanism of eScan antivirus to deploy backdoors and cryptocurrency miners.
Malware & Threats
A threat actor tracked as CoralRaider has been using multiple infostealers to harvest credentials from users worldwide.
Artificial Intelligence
A bipartisan duo in the the U.S. House is proposing legislation to ban the Chinese artificial intelligence app DeepSeek from federal devices.
Hacker Conversations
Vulnerabilities
Mobile & Wireless
Data Protection
Cybercrime
UK engineering firm IMI says it suffered a cyberattack that resulted in unauthorized access to some of its systems.
Cybersecurity Funding
