Latest News

Threat actors have been observed abusing Kubernetes RBAC to create backdoors and hijack cluster resources for cryptocurrency mining.

Critical vulnerability found in Inea RTU can be exploited to remotely hack devices and cause disruption in industrial organizations.

SolarWinds has patched two high-severity vulnerabilities that could lead to command execution and privilege escalation.

Learning how to spot the signs of narcissism and identify narcissists will help us ensure that we do not bring these people into our security and fraud teams, or our enterprises.

More than 3,000 participants from 38 countries took place in NATO’s 2023 Locked Shields cyber defense exercise.

The North Korean hacking group behind the supply chain attack that hit 3CX also broke into two critical infrastructure organizations in the energy sector.

Texas startup scores financing to build an AI-powered anti-ransomware engine to help organizations ward off data-extortion attacks.

Attackers are installing the abandoned Eval PHP plugin on compromised WordPress sites to inject PHP code into web pages.

Five Eyes agencies have issued joint cybersecurity guidance and best practices for smart cities.

A vulnerability in Google Cloud Platform allowed attackers to modify and hide OAuth applications to create a stealthy backdoor to any Google account.

GitHub this week introduced NPM package provenance and deployment protection rules and announced general availability of private vulnerability reporting.

A top administrator with Washington’s health insurance exchange apologized to House members on Wednesday for the data breach that resulted in the disclosure of personal information for thousands of users.

Capita finally confirmed that hackers stole data after the Black Basta ransomware group offered to sell information allegedly stolen from the company.

VMware warns of two critical vulnerabilities -- CVE-2023-20864 and CVE-2023-20865 -- in the VMware Aria Operations for Logs product.

Microsoft plans to use weather-themed naming of APT actors as part of a move to simplify the way threat actors are documented.