Malware & Threats
The number of internet-exposed Palo Alto firewalls is dropping, but 2,000 have been compromised, according to Shadowserver Foundation.
Researchers identify a previously unknown ClickFix variant exploiting PowerShell and clipboard hijacking to deliver the Lumma infostealer via a compromised travel site.
Apple rushes out major macOS and iOS security updates to cover a pair of vulnerabilities already being exploited in the wild.
Palo Alto Networks has released patches and CVEs for the firewall zero-days exploited in what the company calls Operation Lunar Peek.
The saga of VMware’s critical CVE-2024-38812 vCenter Server bug has reached the “exploitation detected” stage.
A zero-day vulnerability affecting five discontinued GeoVision product models has been exploited by a botnet.
The DeepData malware framework was seen exploiting a Fortinet VPN client for Windows zero-day that remains unpatched.
The Glove Stealer malware leverages a recently disclosed App-Bound encryption bypass method in attacks.
The Chinese APT behind the LightSpy iOS backdoor has expanded its toolset with DeepData, a modular Windows-based surveillance framework.
Most of the top frequently exploited vulnerabilities in 2023 were initially exploited as zero-days, according to data from government agencies.
Patch Tuesday: Microsoft patches 90 security flaws across the Windows ecosystem and warns of zero-day exploitation and code execution risks.
Adobe patches critical-severity bugs in multiple products, including the Adobe Commerce and Magento Open Source platforms.
Malwarebytes has acquired Sweden-based privacy-focused VPN provider AzireVPN to expand its product offerings.
North Korean cryptocurrency thieves caught targeting macOS with fake PDF applications, backdoors and new persistence tactics.
Impersonating legitimate software such as Foxit PDF Editor and AutoCAD, the SteelFox crimeware bundle steals user information.
ToxicPanda is a China-linked Android banking trojan spotted targeting over a dozen banks in Europe and Latin America.
CyberPanel vulnerabilities have been exploited to compromise thousands of instances as part of ransomware attacks.
The FakeCall Android banking trojan now employs advanced evasion tactics and expanded surveillance capabilities, posing heightened risks for banks and enterprises.
Authorities announce server shutdowns, domain seizures, and arrests in RedLine and Meta infostealers takedown operation.
Google has uncovered a Russian cyberespionage and influence campaign targeting Ukrainian military recruits.
French startup scores investments from Insight Partners, Accel and Moonfire, bringing the total raised to $56 million.