Scattered Lapsus$ Hunters threaten Google, demanding that two security experts, one from Google’s Threat Intelligence Group and the other from Mandiant, be fired or they will leak alleged stolen Go...
A sophisticated threat actor known as NoisyBear has emerged as a significant concern for Kazakhstan’s energy sector, employing advanced tactics to infiltrate critical infrastructure through weaponi...
Cybersecurity researchers have lifted the lid on a previously undocumented threat cluster dubbed GhostRedirector that has managed to compromise at least 65 Windows servers primarily located in Braz...
In a report published on September 3, Mandiant, part of Google Cloud, said that the attack leveraged exposed ASP.NET machine keys in Sitecore deployment guides from 2017 and earlier to perform remo...
The U.S. Department of State is offering a reward of up to $10 million for information on three Russian Federal Security Service (FSB) officers involved in cyberattacks targeting U.S. critical infr...
The NotDoor backdoor is a sophisticated Visual Basic for Applications (VBA) based malware targeting Microsoft Outlook, designed to monitor incoming emails for specific trigger words and execute mal...
Bitsight analysts identified this activity as the work of a novel botnet they dubbed RapperBot, noting its unusually rapid kill chain and innovative use of legacy hardware constraints to evade dete...
An Iran-nexus group has been linked to a coordinated and multi-wave spear-phishing campaign targeting embassies and consulates in Europe and other regions across the world. The attack chains invol...
The two flaws that were detected as exploited in zero-day attacks are CVE-2025-38352, an elevation of privilege in the Android kernel, and CVE-2025-48543, also an elevation of privilege problem in ...
Cybersecurity researchers have flagged a Ukrainian IP network for engaging in massive brute-force and password spraying campaigns targeting SSL VPN and RDP devices between June and July 2025. “We ...
A comprehensive new report by Sekoia.io’s Threat Detection & Research team reveals how these private companies have industrialized spyware deployment, transforming targeted surveillance from is...
A sophisticated spear-phishing campaign has emerged targeting senior executives and C-suite personnel across multiple industries, leveraging Microsoft OneDrive as the primary attack vector. Stripe...
A sophisticated spear-phishing campaign orchestrated by Iranian-aligned operators has been identified targeting diplomatic missions worldwide through a compromised Ministry of Foreign Affairs of Om...
Resecurity’s HUNTER Team discovered that application credentials, specifically the ClientId and ClientSecret, were left exposed in a publicly accessible appsettings.json file. These credentials al...
NEW: CVE vendor-product description metric Referenceurl title GithubURL CVE-2024-37358 Apache Software Founda...
Beginning as early as Aug. 8, 2025 through at least Aug. 18, 2025, the actor targeted Salesforce customer instances through compromised OAuth tokens associated with the Salesloft Drift third-party ...
A newly detected cyber campaign is exploiting trusted but vulnerable Windows drivers to bypass security protections and install a remote access tool. Although signed by Microsoft and not previousl...
A newly discovered vulnerability in AI systems could allow hackers to steal private information by hiding commands in ordinary images. This discovery came from cybersecurity researchers at Trail of...
A newly discovered critical security vulnerability in the Next.js framework, designated CVE-2025-29927, poses a significant threat to web applications by allowing malicious actors to completely byp...
Cybersecurity researchers are calling attention to a new shift in the Android malware landscape where dropper apps, which are typically used to deliver banking trojans, now also distribute simpler ...