LockBit’s dark web domains were hacked, exposing internal data, affiliate tools, and over 60,000 Bitcoin wallets in a…

Education giant Pearson suffered a cyberattack, allowing threat actors to steal corporate data and customer information, BleepingComputer has learned. [...]

The nation-state threat actor known as MirrorFace has been observed deploying malware dubbed ROAMINGMOUSE as part of a cyber espionage campaign directed against government agencies and public...

Cyber incidents targeting OT in US critical infrastructure have prompted renewed federal action

Bitdefender exposes Facebook ad scams using fake crypto sites and celebrity lures to spread malware via malicious desktop…

South African Airways (SAA) announced that it has been impacted by a significant cyber incident that began on... The post Cyber attack disrupts operational systems at South African Airways...

Mergers are pivotal moments in a company’s lifecycle, but alongside the benefits come the challenges of transforming two separate entities into a stronger single organization. From a technical...

An npm package named 'rand-user-agent' has been compromised in a supply chain attack to inject obfuscated code that activates a remote access trojan (RAT) on the user's system. [...]

New LOSTKEYS malware has been identified and linked to COLDRIVER by GTIG, stealing files and system data in targeted attacks

ASEC Blog publishes “Mobile Security & Malware Issue 2st Week of May, 2025”

This report provides statistics, trends, and case details on the distribution volume and attachment threats of phishing emails collected and analyzed in April 2025. The following is a part of the...

A malicious Python package targeting Discord developers with remote access trojan (RAT) malware was spotted on the Python Package Index (PyPI) after more than three years. [...]

FreeDrain is a modern, scalable phishing operation exploiting weaknesses in free publishing platforms to steal cryptocurrency on a global scale.

Google is trying to lock down Search, Chrome, and Android, but ultimately, you're the last line of defense.

Scammers are using fake AI tools and Facebook ads to spread Noodlophile Stealer malware, targeting users with a…

Over the last month, Barracuda Managed XDR’s security solutions, threat intelligence and SOC analysts identified developments that organizations should be aware of, including rises in attempted...

Posted by Jasika Bawa, Andy Lim, and Xinghui Lu, Google Chrome Security Tech support scams are an increasingly prevalent form of cybercrime, characterized by deceptive tactics aimed at extorting...

A persistent malvertising campaign is plaguing Facebook, leveraging the reputations of well-known cryptocurrency exchanges to lure victims into a maze of malware. Since Bitdefender Labs started...

The data dump will likely shed light on LockBit’s recent activity and help law enforcement trace cryptocurrency transactions

The Russia-linked threat actor known as COLDRIVER has been observed distributing a new malware called LOSTKEYS as part of an espionage-focused campaign using ClickFix-like social engineering...

Ransomware operations are using legitimate Kickidler employee monitoring software for reconnaissance, tracking their victims' activity, and harvesting credentials after breaching their networks. [...]

DigiCert survey finds only 5% of global businesses are using post-quantum cryptography

CERT Polska has received a report about 2 vulnerabilities (CVE-2025-3758 and CVE-2025-3759) found in Netis Systems WF2220 software.

The Nmap Project has officially launched the highly anticipated Nmap 7.96, bringing a wealth of new features, performance upgrades, and bug fixes to the popular network scanning tool. As a...

The venture capital firm has over $90 billion in assets under management, including cybersecurity giants.

The UK government is set to prioritize increasing the number of UK organizations who are Cyber Essentials certified over the coming year

Venture capital firm Insight Partners has confirmed that sensitive data for employees and limited partners was stolen in a January 2025 cyberattack. [...]

South African Airways (SAA), the country's flag carrier, has confirmed that it suffered a significant cyber incident on Saturday, May 3, 2025. The SAA data breach caused temporary disruptions to...

Medical technology company Masimo Corporation disclosed that it experienced unauthorized activity on its on-premise network, affecting manufacturing operations.... The post Masimo faces...

Cisco has released software fixes to address a maximum-severity security flaw in its IOS XE Wireless Controller that could enable an unauthenticated, remote attacker to upload arbitrary files to a...