Security News

The North Korean threat actor known as ScarCruft has been linked to the zero-day exploitation of a now-patched security flaw in Windows to infect devices with malware known as RokRAT. The...

In this Help Net Security interview, Ismael Valenzuela, Vice President of Threat Research & Intelligence at BlackBerry, discusses the impact of geopolitical tensions on the frequency and...

Cybersecurity researchers have found that entry points could be abused across multiple programming ecosystems like PyPI, npm, Ruby Gems, NuGet, Dart Pub, and Rust Crates to stage software supply...

The Iranian state-sponsored hacking group APT34, aka OilRig, has recently escalated its activities with new campaigns targeting government and critical infrastructure entities in the United Arab...

The Iranian threat actor known as OilRig has been observed exploiting a now-patched privilege escalation flaw impacting the Windows Kernel as part of a cyber espionage campaign targeting the...

Ransomware gangs now exploit a critical security vulnerability that lets attackers gain remote code execution (RCE) on vulnerable Veeam Backup & Replication (VBR) servers. [...]

Palo Alto Networks warned customers today to patch security vulnerabilities (with public exploit code) that can be chained to let attackers hijack PAN-OS firewalls. [...]

If you run a self-managed GitLab installation with configured SAML-based authentication and you haven’t upgraded it since mid-September, do it now, because security researchers have published an...

Qualcomm has rolled out security updates to address nearly two dozen flaws spanning proprietary and open-source components, including one that has come under active exploitation in the wild. The...

Google has revealed the various security guardrails that have been incorporated into its latest Pixel devices to counter the rising threat posed by baseband security attacks. The cellular baseband...