Latest News

Apparently malicious NPM packages linked to Snyk raised some concerns, but the security firm clarified that it’s part of a research project.

New York identity management startup raises $36 million in an unusually large seed round co-led by Team8 and Intel Capital.

Cyber threat intelligence can inform decisions but is a complex issue. Where it is complete and accurate it is a huge boon.

SAP has released 14 security notes on January 2025 Patch Day, including two addressing critical vulnerabilities in NetWeaver.

CISA and other Western security agencies have shared guidance for OT owners and operators when procuring products. 

A ransomware group tracked as Codefinger is using compromised AWS keys to encrypt S3 bucket data using SSE-C.

Attackers have been exploiting a second vulnerability in BeyondTrust’s remote management solutions, CISA warns.

Many Ivanti VPNs are still exposed to attacks exploiting a recent vulnerability tracked as CVE-2025-0282 and Nominet has been named as a victim.

Attackers are exploiting a critical vulnerability in Aviatrix Controller to execute arbitrary code in AWS cloud environments.

Infostealer malware allowed threat actors to compromise Telefonica employees’ credentials and access the company’s internal ticketing system.

Redmond's AI Red Team says human involvement remains irreplaceable in addressing nuanced risks.

A fake proof-of-concept (PoC) exploit for a recent LDAP vulnerability distributes information stealer malware.

The US Justice Department has announced charges against three Russians for operating the Blender and Sinbad cryptocurrency mixers.

Developed with the help of AI, the emerging FunkSec ransomware claimed over 80 victims in December 2024.

Juniper Networks has patched multiple high-severity vulnerabilities in Junos OS and its third-party components.