UAT-8302 Targets Government Agencies With Custom Malware and Open-Source Tools
A new China-linked hacking group, tracked as UAT-8302, that is using custom malware and open-source tools to spy on government organizations in South America...
Aggregating 5576 articles from trusted cybersecurity sources
A new China-linked hacking group, tracked as UAT-8302, that is using custom malware and open-source tools to spy on government organizations in South America...
Dragos has published a report describing how threat actors used Claude AI in an attack on a water and drainage utility in Mexico. The post Claude AI Guided H...
Hackers are abusing Google Ads to steal GoDaddy ManageWP credentials by placing a look‑alike phishing ad above the legitimate ManageWP result and proxying vi...
Redis has disclosed and patched five security vulnerabilities, including four rated High severity, that could allow authenticated attackers to achieve remote...
This year marks the 10th anniversary of the EU’s adoption of the General Data Protection Regulation, which became mandatory for all companies beginning on Ma...
How come it’s still possible to ‘secure’ an online account with a six-digit string?
The U.S.
Malicious NuGet packages are quietly stealing browser credentials, SSH keys, and cryptocurrency wallet data from developer machines and CI/CD infrastructure,...
Cisco has issued a high-severity security advisory detailing a critical connection exhaustion vulnerability affecting its network management software. Tracke...
Multiple critical sandbox-escape vulnerabilities have been disclosed in vm2, one of the most widely used Node.js sandboxing libraries, allowing attackers to ...
A wave of ClickFix-style social engineering attacks that specifically target macOS users, using fake disk cleanup and system utility tips hosted on popular c...
Iranian state-sponsored threat actors linked to MuddyWater (Seedworm) have been caught hiding behind the Chaos ransomware brand to conduct sophisticated espi...
At least five cybersecurity firms confirmed they have been affected by a breach of business intelligence platform Klue via Salesforce integration
Hackers stole personal information after breaching the systems of a third-party license vendor serving TPWD. The post Texas Parks & Wildlife Data Breach Affe...
The Gentlemen equips affiliates with a centralized EDR-killer suite, rapidly weaponizing BYOVD exploits to disable security tools before ransomware attacks. ...
The Gentlemen equips affiliates with a centralized EDR-killer suite, rapidly weaponizing BYOVD exploits to disable security tools before ransomware attacks. ...
A detailed MDR provider comparison covering tiers, response speed, coverage, threat intelligence, pricing, and breach warranties to help you choose.
Texas Cyber Command has disclosed a massive third-party data breach affecting the Texas Parks and Wildlife Department (TPWD), exposing the personal records o...
FortiBleed exposed credentials for 74,000 Fortinet devices, with attackers actively exploiting the leak to target systems worldwide. On June 18, CISA issued ...
Market intelligence platform Klue has publicly confirmed a recent security incident that allowed threat actors to steal OAuth tokens used to connect to custo...
The Texas Parks and Wildlife Department (TPWD) disclosed a data breach at its license system vendor that exposed personal information for more than three mil...
FBI dismantles extensive PhaaS, DragonForce ransomware abuses MS Teams relays, and PRC-based spies breach REDCap servers to steal research data.
Cybersecurity vendor Huntress was among multiple companies hit by a breach originating at Klue, a market intelligence platform used to integrate CRM and sale...
Introduction The average enterprise security team has 40 or more security tools, giving a lot of visibility into internal telemetry and asset data. But often...