Latest Articles

PDFSider Malware Abuses DLL Side-Loading to Evade Antivirus and EDR Defenses

A newly documented malware campaign involving a strain known as PDFSider highlights how threat actors continue to rely on trusted application abuse to bypass modern security defenses. The malware...

Stealthy “LOTUSLITE” Malware Used in Targeted Espionage Against U.S. Government Networks

A newly identified cyber espionage campaign targeting United States government and policy-related entities has brought renewed attention to the evolving tradecraft of advanced persistent threat...

Urgent Alert: Active Exploitation of Critical Vulnerability in Fortinet FortiSIEM

In the fast-paced world of cybersecurity, vulnerabilities in essential tools can pose significant risks to organizations worldwide. One such issue has recently come to light with Fortinet's FortiSIEM...

Top Open-Source Tools SOC Teams Should Actually Be Using in 2026

Security operations centers are under pressure like never before. Alert volumes continue to rise, attackers move faster, and budgets rarely grow at the same pace as expectations. Against this...

Mandiant Drops the Hammer on NTLMv1: Releases rainbow table capable of cracking Admin passwords in 12 hours.

Mandiant has released a precomputed rainbow table capable of cracking administrative passwords protected by Microsoft’s deprecated NTLMv1 hashing algorithm in under 12 hours using consumer-grade...

Credential-Stealing Chrome Extensions Target Enterprise HR Platforms: A Silent Threat to Corporate Identity

A coordinated campaign involving malicious Google Chrome extensions has been uncovered targeting enterprise HR and ERP platforms, exposing how browser-based threats are increasingly being used as an...

GhostPoster Browser Extensions: How 840,000 Installs Turned Logo Images into a Stealth Tracking Engine

A sprawling malicious browser extension campaign known as GhostPoster has been uncovered across Chrome, Firefox, and Microsoft Edge, with researchers estimating more than 840,000 installs before...

Russian Ransomware Kingpin: Black Basta Leader Lands on INTERPOL Red Notice

In a significant blow to international cybercrime networks, law enforcement agencies from Germany and Ukraine have unmasked and targeted the alleged mastermind behind one of the world's most...

GootLoader’s ZIP Bomb Reinvention: How 500–1,000 Chained Archives Are Beating Malware Defenses

GootLoader has resurfaced with a technically clever and operationally frustrating evolution that exploits one of the most trusted file formats in enterprise environments. Researchers have observed...

Aero-Coating GmbH Data Breach: What the Qilin Ransomware Attack Signals for Germany’s Industrial Supply Chain

Aero-Coating GmbH, a Germany-based industrial coatings manufacturer serving aerospace, automotive, and heavy-industry customers, has been listed as the victim of a ransomware-related data breach...

Grubhub Confirms Data Breach Amid Extortion Threats: What the Incident Reveals About Consumer Platforms in 2026

Grubhub has confirmed it suffered a data breach and is now facing extortion demands, placing another major consumer-facing digital platform under scrutiny as cybercriminals continue to prioritize...

Cisco Addresses Critical Zero-Day Vulnerability in Secure Email Appliances: A Deep Dive into CVE-2025-20393

January 16, 2026 — After nearly two months of confirmed active exploitation in the wild, Cisco Systems has finally released patches for one of the most severe zero-day vulnerabilities affecting its...

Everest vs Nissan: What a 500 to 900 GB Leak Claim Really Means for Automakers and Their Customers

When a ransomware group claims it has stolen hundreds of gigabytes from a global automaker, the headline is not the number. The headline is what the number implies: breadth, internal sprawl, and a...

AWS CodeBuild Webhook Misconfiguration Put GitHub Repositories at Supply Chain Risk

A recently disclosed misconfiguration in AWS CodeBuild has drawn attention to a subtle but potentially dangerous class of supply chain risks lurking inside modern CI/CD pipelines. The issue centered...

StackWarp Explained: How a New AMD Zen Flaw Undermines Confidential Virtual Machines

Researchers have disclosed a new hardware-level vulnerability dubbed StackWarp that affects AMD Zen processors and poses a risk to confidential virtual machines. The flaw challenges long-held...

Anchorage Police Take Servers Offline After Cyberattack on Third-Party Service Provider

The Anchorage Police Department has taken internal servers offline following a cybersecurity incident linked to one of its third-party service providers, underscoring the growing exposure of local...

Qilin Ransomware Group: Emergence, Operations, and Global Impact of a Leading Cyber Threat

The Qilin ransomware group stands as one of the most formidable players in the modern cybercrime landscape. Emerging from the shadows of the dark web, this Russian-speaking operation has evolved into...

Microsoft Dismantles RedVDS: Halting a $40 Million Cybercrime Spree

In a significant blow to the underground world of cybercrime, Microsoft has successfully disrupted RedVDS, a subscription-based platform that empowered cybercriminals to orchestrate sophisticated...

Uganda's Pre-Election Internet Blackout: A Veil Over Democracy

In a move that has sparked widespread controversy and international concern, Ugandan authorities imposed a nationwide internet shutdown just days before the country's highly anticipated national...

South Korean Conglomerate Kyowon Confirms Data Theft Following Ransomware Attack

Kyowon Group, one of South Korea’s largest education and lifestyle conglomerates, has confirmed that sensitive data was stolen during a recent ransomware attack that disrupted internal systems and...