Security | News, how-tos, features, reviews, and videos
Proofpoint reports that a threat actor has used the tactic against critical infrastructure firms in the UAE, warns CISOs to watch for it elsewhere.
Broadcom has patched three vulnerabilities in the VMware ESXi hypervisor and related products, with Microsoft reporting the flaws are being actively exploited to take control of host systems.
Widespread AMS vulnerabilities threaten physical and data security across key industries.
A global survey shows that less than half of manufacturing companies are prepared for the rising onslaught of cyberattacks against them.
Threat actors increasingly using stolen credentials to compromise cloud assets, warns the company's annual threat report.
Press reports suggest that US Cybercom is standing down from tracking Russia’s offensive cyber operations, and CISA may no longer consider Russia a priority. Officials say Cybercom’s action is a gambit to get Russia to negotiate, and CISA
The civil suit against four members of Storm-2139 underscores an emerging trend that blends stolen LLM credentials and AI jailbreaking to reap financial gains for cybercriminals and losses for companies they exploit.
Unpatched flaw CVE-2024-49035 allows unauthenticated privilege escalation, posing supply chain risks
The flaws allow attackers to use a serialization oversight to compromise systems for remote code execution.
Investigation revealed that BingX, & Phemex hacks were also connected to the same cluster as Bybit's, confirming the threat actor’s identity as the Lazarus group.