Varonis Threat Labs discovered a high-severity vulnerability in ServiceNow’s platform that could lead to significant data exposure and exfiltration, including PII, credentials, and other sensitive ...

In a recent article, we discussed some of the reasons sites are frequently attacked. That article covered browser redirects, and we’ll explore an example of such a case here. Website themes are a ...

A set of 18 malicious browser extensions that are still available to download on Google Chrome and Microsoft Edge have been identified by a team of security researchers at Koi Security. These exte...

One of the things we’re most proud of at DomainTools is our Grants program. We offer free access and training to investigative journalists, as well as security researchers involved in community-ben...

In the volatile aftermath of the Israel-Iran-USA conflict, a sophisticated cyber threat has re-emerged, targeting organizations across the West. Morphisec’s threat research team has uncovered the r...

In the last few months, Reversing Labs (RL) researchers have encountered multiple malicious packages that target cryptocurrency users and developers. In May, RL researcher Karlo Zanki wrote a blog ...

Unit 42 researchers uncovered a campaign by an initial access broker (IAB) to exploit leaked Machine Keys — cryptographic keys used on ASP.NET sites — to gain access to targeted organizations. IABs...

The DoNot APT group, also identified by various security vendors as APT-C-35, Mint Tempest, Origami Elephant, SECTOR02, and Viceroy Tiger, has been active since at least 2016, and has been attribut...

Excerpt: “Combolists and URL-Login-Password (ULP) files have existed since the earliest user data leaks. These files offer a convenient format for storing and distributing compromised credentials ...

TapTrap is a new type of attack targeting Android devices. It allows an app without any permissions to misuse screen animations. This app can secretly open another screen, such as a permission prom...

ThreatFabric researchers have identified a new campaign involving the Anatsa Android banking trojan, which is now targeting users in North America. This marks at least the third instance of Anatsa ...

NEW: CVE vendor-product description metric Referenceurl title GithubURL   CVE-2016-10033 n/a - n/a The ma...

Affected Platforms: Microsoft Windows Impacted Users: Microsoft Windows Impact: The stolen information can be used for future attacks Severity Level: High FortiGuard Labs recently uncovered an act...

Shellter Project, the vendor of a commercial AV/EDR evasion loader for penetration testing, confirmed that hackers used its Shellter Elite product in attacks after a customer leaked a copy of the s...

Resurgence of Monero-mining Malware Is it the same XMRig threat from the past? What is apparent with the current XMRig threat is its multi-staged approach and use of LOLBAS (Living Off the Land B...

Source: Cybereason Excerpt: Delivery Mechanism Threat actors utilize phishing campaigns to distribute a malicious website link through: Phishing emails PDF attachments Gaming websites Att...

Technical Details We’ll skimp on a bunch of internal background information for NetScaler for the sake of brevity, but if you’re interested in reading further, here are a few good write-ups to get...

Since early March 2025, our systems have recorded an increase in detections of similar files with names like договор-2025-5.vbe, приложение.vbe, and dogovor.vbe (translation: contract, attachment) ...

Key Takeaways BERT (tracked by Trend Micro as Water Pombero) is a newly emerged ransomware group targeting both Windows and Linux platforms, with confirmed victims in Asia, Europe, and the US, par...

On June 17th, 2025, two critical vulnerabilities - CVE-2025-5349 and CVE-2025-5777 - were disclosed in Citrix Netscaler ADC and Netscaler Gateway, enabling unauthorized access to sensitive resource...