Three security vulnerabilities have been disclosed in preloaded Android applications on smartphones from Ulefone and Krüger&Matz that could enable any app installed on the device to perform a...

Qualcomm has shipped security updates to address three zero-day vulnerabilities that it said have been exploited in limited, targeted attacks in the wild. The flaws in question, which were...

Reliable connectivity can make or break efficient business operations—fortunately, there are several different kinds of connectivity available to fit any technical requirement or budget. Selecting...

Litecoin (LTC), often called the “silver to Bitcoin’s gold,” has long been popular for its speed, lower transaction…

Luxury fashion brand Cartier is warning customers it suffered a data breach that exposed customers' personal information after its systems were compromised. [...]

Qualys details CVE-2025-5054 and CVE-2025-4598, critical vulnerabilities affecting Linux crash reporting tools like Apport and systemd-coredump. Learn how…

The sites were used for more than a decade by cybercriminals who wanted to test malware against security tools.

Packing a portable charger for your next flight? Better read up on Southwest's latest policy change.

The compliance company said the customer data exposure was caused by a product change.

If this had been a security drill, someone would’ve said it went too far. But it wasn’t a drill—it was real. The access? Everything looked normal. The tools? Easy to find. The detection? Came too...

The spyware maker claims the damages it was ordered to pay are "excessive," and that the jury wanted to “bankrupt” the company.

The evolution of cyber threats has forced organizations across all industries to rethink their security strategies. As attackers become more sophisticated — leveraging encryption,...

The fate of the fiscal 2026 budget blueprint, which includes a $495 million reduction for the agency, is uncertain. The post Trump budget proposal would slash more than 1,000 CISA jobs appeared...

BO Team, also known as Black Owl, has been active since early 2024 and appears to operate independently, with its own arsenal of tools and tactics, researchers at Russian cybersecurity firm Kaspersky said.

The US Department of the Treasury has taken action against Funnull Technology Inc. for enabling massive pig butchering…

Two U.S. Senators have introduced legislation designed to deepen cybersecurity collaboration within the nation’s energy infrastructure. The proposed... The post US lawmakers propose legislation to...

A group of U.S. Senate Democrats is urging Kristi Noem, the Homeland Security Secretary, to bring back the... The post Senate democrats urge Homeland Security to revive CSRB amid China-linked...

Two local information disclosure flaws in Linux crash-reporting tools have been identified exposing system data to attackers

2025-05-28 • Rapid7 • Anna Širokova, Ivan Feigl • win.winos Open article on Malpedia

Outdoor apparel retailer The North Face is warning customers that their personal information was stolen in credential stuffing attacks targeting the company's website in April. [...]

2025-05-28 • Darktrace • Tara Gould • elf.pumabot Open article on Malpedia

2025-05-28 • EclecticIQ • Alon Gal, Arda Büyükkaya • win.wm_rat Open article on Malpedia

2025-05-30 • Censys • Himaja Motheram Open article on Malpedia

A new malware campaign targeting Windows and Linux systems has been identified, deploying tools for evasion and credential theft

American cybersecurity company SentinelOne revealed over the weekend that a software flaw triggered a seven-hour-long outage on Thursday. [...]

2025-05-28 • Google • Patrick Whitsell • win.toughprogress Open article on Malpedia

2025-05-28 • Greynoise • GreyNoise Research Open article on Malpedia

2025-05-28 • Trustwave • Cris Tomboc, King Orande Open article on Malpedia

Wiz finds new threat group running cryptojacking campaign via exploited and misconfigured DevOps assets

The Wiz Threat Research team has identified a widespread cryptojacking campaign targeting commonly used DevOps applications including Nomad and Consul.