Application Security
Security researchers at Proofpoint are calling attention to the discovery of a commercial red-teaming tool called Nighthawk, warning that the command-and-control framework is likely...
Hi, what are you looking for?
SecurityWeek
Phishing
A long-running campaign phishing for credentials through scareware recently switched to targeting macOS users.
Phishing
Threat actors are abusing Microsoft 365 infrastructure in a BEC campaign, and target its users in two brand impersonation campaigns.
Phishing
A cybercrime group named Storm-1865 has targeted hospitality organizations via fake Booking.com emails and the use of social engineering.
Phishing
Researchers see dozens of fake DeepSeek websites used for credential phishing, cryptocurrency theft, and scams.
Cybercrime
Business resilience must be the ultimate purpose of all the security controls and processes we employ, because we will never conclusively defeat or protect...
Phishing
Noteworthy stories that might have slipped under the radar: several multi-million dollar settlements, CrowdStrike-themed phishing emails, and MITRE launches D3FEND 1.0.
Cybercrime
A threat actor tracked as DEV-0569 and known for the distribution of various malicious payloads was recently observed updating its delivery methods, Microsoft warns.
Application Security
Cybersecurity powerhouse Palo Alto Networks on Thursday announced plans to spend $195 million in cash to acquire Israeli startup Cider Security, a deal that...
Application Security
The U.S. government on Wednesday issued a blunt recommendation for organizations running VMWare Horizon servers: Initiate threat-hunting activities to find and expel Iranian APT...
Application Security
Israeli early-stage startup Akeyless has banked a whopping $65 million in venture capital funding to build technology to help businesses manage credentials, certificates, keys...
Application Security
Continuous attack surface management pioneer Bishop Fox continues to attract the attention of investors with the banking of another $46 million in growth funding...
Cybercrime
Threat intelligence firm Cyjax has uncovered a long-standing and sophisticated cybercrime campaign spoofing more than 400 popular brands.
Application Security
Virtualization technology giant VMware joined the Patch Tuesday train this week to deliver urgent security patches to its VMware Workspace One product.
Application Security
The zero-day attacks against Microsoft’s software products are showing no signs of slowing down.
Application Security
The world’s largest software maker is warning that China-based nation state threat actors are taking advantage of a one-year-old law to “stockpile” zero-days for...
Identity & Access
The US Cybersecurity and Infrastructure Security Agency (CISA) has published guidance on how organizations can protect against phishing and other threats by implementing phishing-resistant...
Cybercrime
Dropbox revealed on November 1 that it recently suffered a data breach where malicious actors gained access to some source code and personal information...
ICS/OT
Forescout has found dozens of vulnerabilities in solar power systems from Sungrow, Growatt and SMA.
Artificial Intelligence
Hacker Conversations
Supply Chain Security
Vulnerabilities
Splunk patches high-severity remote code execution and information disclosure flaws in Splunk Enterprise and Secure Gateway App.
Management & Strategy
