This October, researchers uncovered its delivery through the npm package registry—a supply chain attack targeting developers and organizations reliant on Node.js modules for critical infrastructure...
TP-Link is warning of two command injection vulnerabilities in Omada gateway devices that could be exploited to execute arbitrary OS commands. Although the two security issues lead to the same resu...
Instead, Coldriver seemed to have shifted to a new set of malware families tracked by Google as NoRobot, YesRobot and MaybeRobot. The attack starts with a ‘ClickFix-style’ phishing lure, a fake CAP...
The average ransomware payment has increased to $3.6m this year, up from $2.5m in 2024 – a 44% surge despite a decline in the overall number of attacks. While the number of attacks dropped, the da...
On the first day of Pwn2Own Ireland 2025, security researchers exploited 34 unique zero-days and collected 22,500 in cash awards. The highlight of the day was Bongeun Koo and Evangelos Daravigkas ...
The intrusion likely began with exploitation of a Citrix NetScaler Gateway appliance in the first week of July 2025. From there, the actor pivoted to Citrix Virtual Delivery Agent (VDA) hosts in th...
Sweeping layoffs have gutted the Cybersecurity and Infrastructure Security Agency’s (CISA) Stakeholder Engagement Division (SED), effectively dismantling crucial partnerships with state and local g...
CISA has confirmed that an Oracle E-Business Suite flaw tracked as CVE-2025-61884 is being exploited in attacks, adding it to its Known Exploited Vulnerabilities catalog. BleepingComputer previous...
A new and ongoing supply-chain attack is targeting developers on the OpenVSX and Microsoft Visual Studio marketplaces with self-spreading malware called GlassWorm that has been installed an estimat...
Russian cybercrime group Lynx breached Dodd Group, a contractor for the UK Ministry of Defence, stealing and leaking hundreds of sensitive files on eight RAF and Royal Navy bases. The incident occu...
A proof-of-concept (PoC) exploit has been released for a critical vulnerability in Microsoft’s Windows Server Update Services (WSUS), enabling unauthenticated attackers to execute remote code with ...
A more than year-long digital intrusion into cybersecurity company F5 (FFIV.O), publicized last week and blamed on Chinese spies, has defenders across the industry hunting for signs of compromise a...
AI-driven social engineering is set to be one of the most significant cyber threats in 2026, a new ISACA report revealed. The 2026 ISACA Tech Trends and Priorities report found that this type of AI...
WatchGuard has disclosed a critical out-of-bounds write vulnerability in its Fireware OS, enabling remote unauthenticated attackers to execute arbitrary code via IKEv2 VPN connections. An attacker...
A high-severity vulnerability in the Pluggable Authentication Modules (PAM) framework was assigned the identifier CVE-2025-8941. This vulnerability stems from the heart of Linux operating systems, ...
Europol on Friday announced the disruption of a sophisticated cybercrime-as-a-service (CaaS) platform that operated a SIM farm and enabled its customers to carry out a broad spectrum of crimes rang...
The main purpose of a data broker is to make money, as they sell all kinds of data to various individuals and organizations worldwide. This includes selling to political organizations to target vot...
China on Sunday accused the U.S. National Security Agency of carrying out cyberattacks on its national time center following an investigation, saying any damage to related facilities could have dis...
Cybersecurity researchers have shed light on a new campaign that has likely targeted the Russian automobile and e-commerce sectors with a previously undocumented .NET malware dubbed CAPI Backdoor. ...
The Everest ransomware group is claiming responsibility for the September breach of Collins Aerospace and its MUSE check-in software – in an attack that impacted multiple major airports across Euro...