Kazuar Backdoor Uses DLL Side-Loading and PowerShell Loaders for Stealthy Execution
Turla’s Kazuar backdoor has re-emerged as a technically sophisticated persistence and reconnaissance tool that combines DLL side-loading with PowerShell-base...
20 articles
Turla’s Kazuar backdoor has re-emerged as a technically sophisticated persistence and reconnaissance tool that combines DLL side-loading with PowerShell-base...
A suspected China-aligned threat activity cluster has been observed exploiting Roundcube webmail software belonging to physics and engineering departments of...
Socket says the campaign remains active and more attacks are likely.
A use-after-free bug in Linux's KVM hypervisor can be triggered from a guest virtual machine to corrupt the shadow-page state of the host kernel that runs it...
The seven vulnerabilities in FatFs, a library embedded in firmware for devices like security cameras, drones, and industrial controllers, were found to be re...
LTM has launched BlueVerse RightLogic, a cybersecurity assessment and risk assurance framework designed to help enterprises identify, assess and remediate cy...
The PolinRider campaign has compromised more than 100 legitimate open source packages and repositories to deliver a backdoor and information stealer to devel...
AI is changing cybercrime, but SMB cyber readiness still largely depends on closing the familiar gaps
Researchers warn that collaboration could lead to “unprecedented” ransomware attacks, as FBI also issues warning
Here’s a look at the most interesting products from the past week, featuring releases from Digi International, iboss, Jamf, and Netzilo. Digi International’s...
Threat actors associated with the Anubis ransomware operation have been observed exploiting the Citrix Bleed 2 (CVE-2025-5777) vulnerability to obtain initia...
ConsentFix and ClickFix attacks steal Microsoft 365 tokens in seconds using fake prompts and OAuth flows. Learn how these MFA bypass tactics work and how to ...
Google has promoted Chrome 151 to the stable channel for Windows, macOS and Linux, delivering a major security update that addresses 382 vulnerabilities acro...
Attackers can exploit LLM domain hallucinations through phantom squatting to target supply chains. Read the analysis to learn more.
Police arrested the alleged admin of XSS.is, a major cybercrime forum whose trusted escrow service helped power the underground economy.
DC, United States, June 30th, 2026, CyberNewswire The Internet Society today announced that 2027 Network and Distributed System Security (NDSS) Symposium wil...
Aikido Security has acquired Root, uniting behind a shared mission to make it easy for developers and agents to build with secure open source and tackle the ...
Digi International has announced the launch of DANI, the Digi Artificial Network Intelligence agent, a purpose-built AI network operations agent natively emb...
Decades-old Bash shell tricks can bypass safeguards in most open source AI coding agents, potentially turning malicious repositories into supply chain attack...
View CSAF Summary Successful exploitation of this vulnerability could allow an unauthenticated remote attacker to enumerate all user accounts and role assign...