Embedded Linux-based Internet of Things (IoT) devices have become the target of a new botnet dubbed PumaBot. Written in Go, the botnet is designed to conduct brute-force attacks against SSH...
Authorities in Pakistan have arrested 21 individuals accused of operating "Heartsender," a once popular spam and malware dissemination service that operated for more than a decade. The main...
Mandiant Threat Defense uncovers a campaign where Vietnam-based group UNC6032 tricks users with malicious social media ads for…
Stealer malware no longer just steals passwords. In 2025, it steals live sessions—and attackers are moving faster and more efficiently than ever. While many associate account takeovers with...
A financially motivated threat actor has been observed exploiting a recently disclosed remote code execution flaw affecting the Craft Content Management System (CMS) to deploy multiple payloads,...
A newly discovered Go-based Linux botnet malware named PumaBot is brute-forcing SSH credentials on embedded IoT devices to deploy malicious payloads. [...]
Executive Summary: On May 7, 2025, during the active military escalation between Pakistan and India—specifically in the context of India's military campaign 'Operation Sindoor'—EclecticIQ...
ReversingLabs discovers new malware hidden inside AI/ML models on PyPI, targeting Alibaba AI Labs users. Learn how attackers…
Two NHS England trusts could see highly sensitive patient records exposed
Would you expect an end user to log on to a cybercriminal’s computer, open their browser, and type in their usernames and passwords? Hopefully not! But that’s essentially what happens if they fall...
A spoofed Bitdefender site has been used in a malicious campaign distributing VenomRAT and other malware, according to DomainTools
ASEC Blog publishes Ransom & Dark Web Issues Week 5, May 2025 New ransomware group DATACARRY emerges: Victim companies in 8 countries disclosed 65,000 records of Korean individuals leaked on...
Don't install that unknown extension until you've checked out its reputation. Here's how to do that.
Cybersecurity researchers have disclosed details of a coordinated cloud-based scanning activity that targeted 75 distinct "exposure points" earlier this month. The activity, observed by GreyNoise...
The Interlock ransomware gang is deploying a previously undocumented remote access trojan (RAT) named NodeSnake against educational institutes for persistent access to corporate networks. [...]
How It Works: Uncoder AI processes threat reports like CERT-UA#14045 on DarkCrystal RAT and generates Carbon Black-compatible detection logic. This feature maps observed file hashes, execution...
The data collector said the stolen data includes Social Security numbers.
Written by: Patrick Whitsell. Google Threat Intelligence Group’s (GTIG) mission is to protect Google’s billions of users and Google’s multitude of products and services. In late October 2024, GTIG...
Estonia said a man is suspected of unlawfully accessing a customer card database managed by Allium UPI, the parent company of the Apotheka pharmacy chain, in February 2024.
This is the first time Czech authorities have officially called out a nation-state over a cyber-attack
A flaw in OneDrive File Picker has exposed millions to data overreach through excessive OAuth permissions
Over 9,000 ASUS routers are compromised by a novel botnet dubbed "AyySSHush" that was also observed targeting SOHO routers from Cisco, D-Link, and Linksys. [...]
Hackers likely based in Vietnam advertised websites offering AI-powered video generation tools, according to Google's Mandiant unit, and then used the sites to spread infostealers and other malware.
A sprawling network of fake AI, VPN, and crypto software download sites is being used by the "Dark Partner" threat actors to conduct crypto theft attacks worldwide. [...]
Apple on Tuesday revealed that it prevented over $9 billion in fraudulent transactions in the last five years, including more than $2 billion in 2024 alone. The company said the App Store is...
Posted by Mateusz Jurczyk, Google Project Zero. In the previous blog post, we focused on the general security analysis of the registry and how to effectively approach finding vulnerabilities in it....
Incorrect connection releasing causing pool exhaustion (CVE-2025-3864) has been found in hackney software.
The Czech Republic says the Chinese-backed APT31 hacking group was behind cyberattacks targeting the country's Ministry of Foreign Affairs and critical infrastructure organizations. [...]
A comprehensive historical breakdown of Zanubis' changes, including RC4 and AES encryption, credentials stealing and new targets in Peru, provided by Kaspersky GReAT experts.
Adidas revealed that customer contact information, including names, emails and phone numbers, was accessed by an unauthorized party