Interpol warns that scam centers are expanding beyond Southeast Asia

Esse Health, a healthcare provider based in St. Louis, Missouri, is notifying over 263,000 patients that their personal and health information was stolen in an April cyberattack. [...]

The FY 2026 House Homeland Security Appropriations Bill highlights growing focus in Congress on protecting border infrastructure from cyber threats. The directive to implement continuous...

ESET experts discuss Sandworm’s new data wiper, UnsolicitedBooker’s relentless campaigns, attribution challenges amid tool-sharing, and other key findings from the latest APT Activity Report

Both the US authorities and Microsoft have taken action to disrupt North Korean IT worker schemes

Building automation giant Johnson Controls is notifying individuals whose data was stolen in a massive ransomware attack that impacted the company's operations worldwide in September 2023. [...]

2025-06-29 • Medium Sapir Twig • Sapir Twig • win.darkgate Open article on Malpedia

2025-06-20 • Field Effect • Daniel Albrecht, Elena Lapina, Field Effect, Sean Alexander Open article on Malpedia

2025-06-27 • axios • Sam Sabin Open article on Malpedia

2025-06-30 • ICC • ICC Open article on Malpedia

2025-06-29 • Humpty's RE Blog • cyb3rjerry • win.supper Open article on Malpedia

Google has released emergency updates to patch another Chrome zero-day vulnerability exploited in attacks, marking the fourth such flaw fixed since the start of the year. [...]

Fonts can include ligatures - special case specific combinations of letters. For instance, an "f" and an "i" combine into "fi" nicely. The bug reporter noticed that Google Sans, used in the domain...

The blog post introduces a concept known as differential fuzzing. The idea is to generate input, process it through multiple pipelines and see if the output is the same. In blockchain protocols...

July 1, 2025 According to detection statistics collected by Dr.Web Security Space for mobile devices, adware trojans from various families remained the most common malware. Members of the...

July 1, 2025 According to statistics collected by the Dr.Web anti-virus, the total number of threats detected in the second quarter of 2025 decreased by 7.38%, compared to the first quarter. At...

Industrial cybersecurity firm Claroty reported that the April compromise of a control system at a Norwegian dam and... The post Lake Risevatnet dam hack exposes industrial cyber gaps as weak...

New Censys data examined recent internet exposure of four device types previously targeted or monitored by Iranian threat... The post Censys researchers find industrial devices still wide open...

Edge computing, machine learning algorithms and centralized management platforms work in tandem to ensure industrial systems keep running.

Self-XSS is when you can trigger cross site scripting (XSS) but only on yourself. This post goes into a few ways to make self-XSS exploitable, with the final one being the most interesting. The...

Acala is an L2 blockchain built around the Polkadot ecosystem. Polkadot acts as the relay chain which coordinates with other blockchains in the network. Acala, in this system, is referenced to as...

The original implementation of Elliptic Curve Digital Signatures Algorithm (ECDSA) worked the same as DSA besides it used EC math. It has a known bad flaw: if you use reuse the nonce, then it's...

U.S. cybersecurity and intelligence agencies have issued a joint advisory warning of potential cyber-attacks from Iranian state-sponsored or affiliated threat actors. "Over the past several...

How much does cybercrime cost? What are the average costs associated with a single attack? And what is the cumulative annual cost of cybercrime?

Europol on Monday announced the takedown of a cryptocurrency investment fraud ring that laundered €460 million ($540 million) from more than 5,000 victims across the world. The operation, the...

The US Justice Department revealed the identity theft number along with one arrest and a crackdown on “laptop farms” that allegedly facilitate North Korean tech worker impersonators across the US.

An email reviewed by Scoop News Group and analyzed by Proofpoint reveals the latest attempt by fraudsters to capitalize on confusion over the Elon Musk-created group. The post Scammers have a new...

An email reviewed by Scoop News Group and analyzed by Proofpoint reveals the latest attempt by fraudsters to capitalize on confusion over the Elon Musk-created group. The post Scammers have a new...

The threat actor known as Blind Eagle has been attributed with high confidence to the use of the Russian bulletproof hosting service Proton66. Trustwave SpiderLabs, in a report published last...

Starting in August, your saved passwords will no longer be accessible in Microsoft's Authenticator app. You have several options.