The FBI has issued a public appeal for information concerning an ongoing cyber campaign targeting US telecommunications infrastructure, attributed to actors affiliated with the People's Republic...

Silent Push reveals a complex scheme where North Korean hackers posed as crypto companies, using AI and fake…

British retailer giant Marks & Spencer (M&S) has suspended online orders while working to recover from a recently disclosed cyberattack. [...]

African mobile giant MTN Group announced that a cybersecurity incident has compromised the personal information of some of its subscribers in certain countries. [...]

The Cyber Security Agency of Singapore (CSA) has warned users about a critical vulnerability affecting the Commvault Command Center. This Commvault vulnerability, identified as CVE-2025-34028, has...

Panaseer's latest cybersecurity study revealed that US companies have paid $155M in data breach lawsuit settlements over just six months

A recent Windows security update that creates an 'inetpub' folder has introduced a new weakness allowing attackers to prevent the installation of future updates. [...]

​Baltimore City Public Schools notified tens of thousands of employees and students of a data breach following an incident in February when unknown attackers hacked into its network. [...]

Kaspersky expert has discovered a new version of the Triada Trojan, with custom modules for Telegram, WhatsApp, TikTok, and other apps.

How It Works Understanding the steps adversaries take during an attack can be critical for detection logic and defense prioritization. Uncoder AI introduces a new capability: transforming raw...

How It Works The MITRE ATT&CK framework is the gold standard for structuring detection logic by adversary techniques. But tagging Sigma rules manually with appropriate ATT&CK techniques is a...

How It Works In fast-paced detection engineering, syntax mistakes and structural oversights happen — especially when working across multiple platforms or under tight response deadlines. Catching...

Backslash Security found that naïve prompts resulted in code vulnerable to at least four of the of the 10 most common vulnerabilities across popular LLMs

WestExec Advisors announced on Thursday that Laura Galante, former Director of the Cyber Threat Intelligence Integration Center and... The post Laura Galante joins WestExec Advisors as Principal,...

Darktrace, a vendor of AI for cybersecurity solutions, announced this week enhancements to its Network Detection and Response... The post Darktrace enhances NDR capabilities with AI-powered...

Somos Inc., a vendor of connected device security intelligence services, identity management, and fraud prevention, announced its partnership... The post Somos, Finite State partner to boost...

SAP has released out-of-band emergency updates for NetWeaver to fix an actively exploited remote code execution (RCE) vulnerability used to hijack servers. [...]

SAP has released out-of-band emergency NetWeaver updates to fix a suspected remote code execution (RCE) zero-day flaw actively exploited to hijack servers. [...]

Check out highlights from this year’s Verizon DBIR, including a surge in zero-day exploits targeting edge devices and VPNs. Plus, find out what’s new in the latest version of MITRE ATT&CK. Also,...

Look out for AI-generated 'TikDocs' who exploit the public's trust in the medical profession to drive sales of sketchy supplements

2025-04-17 • Trustwave • Dawid Nesterowicz, Pawel Knapczyk • win.strelastealer, win.targetcompany, win.xworm Open article on Malpedia

2025-04-16 • HarfangLab • HarfangLab CTR • win.pteranodon Open article on Malpedia

2025-04-16 • SpyCloud • Aurora Johnson, Keegan Keplinger • elf.blackbasta, win.blackbasta Open article on Malpedia

2025-04-16 • Intel 471 • Intel 471 Open article on Malpedia

2025-04-17 • FORTRA • Max Ickert Open article on Malpedia

2025-04-23 • Porthas • Hassan Faraz, Mohamed Talaat Open article on Malpedia

2025-04-15 • Orange Cyberdefense • André Henschel, Friedl Holzner • win.blackbasta, win.darkgate, win.lumma Open article on Malpedia

2025-04-23 • Trend Micro • Feike Hacquebord, Stephen Hilt • js.beavertail, py.invisibleferret Open article on Malpedia

2025-04-23 • Medium b.magnezi • 0xMrMagnezi • win.asyncrat Open article on Malpedia

2025-04-24 • 0xreverse • Utku Çorbacı Open article on Malpedia