Security News

A malware botnet is exploiting a zero-day vulnerability in end-of-life GeoVision devices to compromise and recruit them for likely DDoS or cryptomining attacks. [...]

Cybersecurity researchers have disclosed a high-severity security flaw in the PostgreSQL open-source database system that could allow unprivileged users to alter environment variables, and...

A newly patched security flaw impacting Windows NT LAN Manager (NTLM) was exploited as a zero-day by a suspected Russia-linked actor as part of cyber attacks targeting Ukraine. The vulnerability...

'Once again, we've lost a little more faith in the internet,' researcher says Researchers are publicizing a proof of concept (PoC) exploit for what they're calling an unauthenticated remote code...

Cybersecurity researchers have flagged a new ransomware family called Ymir that was deployed in an attack two days after systems were compromised by a stealer malware called RustyStealer. "Ymir...

Cybersecurity researchers have discovered a new phishing campaign that spreads a new fileless variant of known commercial malware called Remcos RAT. Remcos RAT "provides purchases with a wide...

An ongoing phishing campaign is employing copyright infringement-related themes to trick victims into downloading a newer version of the Rhadamanthys information stealer since July 2024....

An ongoing threat campaign dubbed VEILDrive has been observed taking advantage of legitimate services from Microsoft, including Teams, SharePoint, Quick Assist, and OneDrive, as part of its modus...

'It was like watching a robot going rogue' says researcher OpenAI's language model GPT-4o can be tricked into writing exploit code by encoding the malicious instructions in hexadecimal, which...

In this Help Net Security video, Jake King, Head of Threat & Security Intelligence at Elastic, discusses the key findings from the 2024 Elastic Global Threat Report. Adversaries are utilizing...