Security News

Feds warn of 'highly tailored, difficult-to-detect social engineering campaigns' The FBI has warned that North Korean operatives are plotting "complex and elaborate" social engineering attacks...

93GB of info feared pilfered in Montana by heartless crooks Planned Parenthood of Montana's chief exec says the org is responding to a cyber-attack on its systems, and has drafted in federal law...

The MacroPack framework, initially designed for Red Team exercises, is being abused by threat actors to deploy malicious payloads, including Havoc, Brute Ratel, and PhatomCore. [...]

A new "EUCLEAK" flaw found in FIDO devices using the Infineon SLE78 security microcontroller, like Yubico's YubiKey 5 Series, allows attackers to extract Elliptic Curve Digital Signature Algorithm...

Read more about an attack campaign led by Iran-based cyberespionage threat actor Fox Kitten, and learn how to protect your company from this threat.

Threat actors are utilizing an attack called "Revival Hijack," where they register new PyPi projects using the names of previously deleted packages to conduct supply chain attacks. [...]

A new malware campaign is spoofing Palo Alto Networks' GlobalProtect VPN software to deliver a variant of the WikiLoader (aka WailingCrab) loader by means of a search engine optimization (SEO)...

OpenBAS is an open-source platform that enables organizations to plan, schedule, and execute crisis exercises, adversary simulations, and breach simulations. Compliant with ISO 22398 standards,...

Ransomware remains a concerning cybersecurity threat, with attacks becoming more frequent, severe, and costly. Recent reports highlight alarming trends, including increased attacks on critical...

The FBI warns of North Korean hackers aggressively targeting cryptocurrency companies and their employees in sophisticated social engineering attacks, aiming to deploy malware that steals their...