The U.S. Defense Intelligence Agency’s 2025 Worldwide Threat Assessment lays out a stark view of an evolving global...
Everest ransomware leaks Coca-Cola employee data: 1,104 files exposed, including HR, admin roles, IDs, personal details, and internal records.
Cybercriminals impersonate the trusted e-signature brand and send fake Docusign notifications to trick people into giving away their personal or corporate data.
How It Works: Uncoder AI streamlines threat detection in SentinelOne by automatically transforming raw intelligence into executable event queries. In this case, it focuses on WRECKSTEEL...
How It Works: Uncoder AI automates the decomposition of complex IOC-driven detection logic authored in CrowdStrike Endpoint Query Language (EQL). This example centers around the CERT-UA#14283...
How It Works: 1. IOC Extraction from Threat Report. Uncoder AI automatically parses and categorizes indicators from the incident report (on the left), including: Malicious domains, such as:...
A previously unknown Russian-backed cyberespionage group now tracked as Void Blizzard has been linked to a September 2024 Dutch police security breach. [...]
In October 2024, French ISP "Free" suffered a data breach which was subsequently posted for sale and later, leaked publicly. The data included 14M unique email addresses along with names, physical...
Microsoft has released an emergency update to address a known issue causing some Hyper-V virtual machines with Windows Server 2022 to freeze or restart unexpectedly. [...]
Written by: Diana Ion, Rommel Joven, Yash Gupta. Since November 2024, Mandiant Threat Defense has been investigating an UNC6032 campaign that weaponizes the interest around AI tools, in particular...
German sportswear giant Adidas disclosed a data breach after attackers hacked a customer service provider and stole some customers' data. [...]
The Aqara Camera Hub G5 Pro provides AI-powered visual recognition technology with a host of home security features - and it's on sale now.
Manufacturers are using electronic forms, checklists and management capabilities to enhance team engagement and drive continuous improvement.
Chief Editor Renee Bassett introduces the May 2025 trends issue of Automation.com Monthly.
Between February and May 2025, the intrusion set known as Mimo exploited CVE-2025-32432, a critical unauthenticated RCE in Craft CMS, to deploy a multi-stage infection chain observed via...
SilverRAT Source Code leaked on GitHub, exposing powerful malware tools for remote access, password theft, and crypto attacks before removal.
As many as 60 malicious npm packages have been discovered in the package registry with malicious functionality to harvest hostnames, IP addresses, DNS servers, and user directories to a...
Are your web privacy controls protecting your users, or just a box-ticking exercise? This CISO’s guide provides a practical roadmap for continuous web privacy validation that’s aligned with...
Cisco Talos warns of active exploitation of a zero-day vulnerability (CVE-2025-0994) in Cityworks supposedly by Chinese hackers from…
Cyber threats don't show up one at a time anymore. They’re layered, planned, and often stay hidden until it’s too late. For cybersecurity teams, the key isn’t just reacting to alerts—it’s spotting...
We were thrilled by the remarkable interest in speaking at TechCrunch Disrupt 2025, taking place October 27–29 at Moscone West in San Francisco. After an in-depth review process, we’ve selected 20...
2025-05-22 • Recorded Future • Insikt Group • py.cherryspy, vbs.hatvibe
2025-05-26 • Yonhap News Agency • Kim Boram • elf.bpfdoor
2025-05-22 • Sekoia • Félix Aime, Jeremy Scion
Researchers have released a PoC for CVE-2025-32756, a severe security flaw that is actively being exploited in Fortinet products…
2025-05-22 • Cisco Talos • Asheer Malhotra, Brandon White • win.tetra_loader
The U.S. National Telecommunications and Information Administration (NTIA) supports efforts to enhance submarine cable security but urges the...
A Cleartext Storage of Sensitive Information vulnerability (CVE-2025-4053) has been found in Be-Tech Mifare Classic cards software.
Nova Scotia Power has confirmed it was the victim of a ransomware attack, weeks after initially alerting customers to a cybersecurity breach. The utility, owned by Emera Inc., revealed that the...