A recently disclosed security flaw in Gladinet CentreStack also impacts its Triofox remote access and collaboration solution, according to Huntress, with seven different organizations compromised...

Google is rolling out a new security mechanism on Android devices that will automatically reboot locked, unused devices after three consecutive days of inactivity, restoring memory to an encrypted...

This week, our Year in Review spotlight is on ransomware—where low-profile tactics led to high-impact consequences. Download our 2 page ransomware summary, or watch our 55 second video.

Microsoft warned Windows users of increased CPU usage when typing while using recent versions of the classic Outlook email client. [...]

Meta has announced that it will begin to train its artificial intelligence (AI) models using public data shared by adults across its platforms in the European Union, nearly a year after it paused...

Representatives from 20 allied governments and national agencies participated in a NATO-led exercise focused on strengthening mutual cyber... The post NATO allies boost cyber defense coordination,...

Morphisec Labs has detailed a newly discovered remote access trojan (RAT) dubbed ResolverRAT, which employs advanced in-memory execution,... The post ResolverRAT malware attacks pharma and...

A UK man has been sentenced to over eight years for masterminding £100m phishing platform LabHost

Kaspersky expert discusses the challenges of assessing the security of industrial facilities and the role of the professional community in their protection, the reasons behind security issues in...

ZDNET's pick for best value VPN just got cheaper. Through April 30, you can save and score three months free on Surfshark VPN and antivirus plans.

The State of Pentesting Report 2025 pulls back the curtain on how organizations are really doing when it comes to cybersecurity. The report offers a candid look at the gap between perception and...

There are legitimate uses for cookies but they have a dark side too.

2025-04-14 • Morphisec • Nadav Lorber • win.resolver_rat Open article on Malpedia

2025-04-14 • Palo Alto Networks Unit 42 • Prashil Pattni • py.rn_stealer Open article on Malpedia

Cyble researchers have uncovered ransomware called DOGE BIG BALLS, a ransomware that not just stands out but also presents its technical prowess for audacious psychological manipulation. This...

Australian organizations using Fortinet products are being urged to take immediate action following a new advisory highlighting the active exploitation of previously known vulnerabilities. The...

President Trump last week revoked security clearances for Chris Krebs, the former director of the Cybersecurity and Infrastructure Security Agency (CISA) who was fired by Trump after declaring the...

Discover how integrating threat intelligence into your cybersecurity strategy can lead to smarter, more efficient security investments. Learn practical approaches to optimize your security budget...

an AWS security breach that severely impacted a growing SaaS company. An attacker gained access to administrator-level credentials and exploited architectural flaws to compromise both staging and...

Cybersecurity researchers have discovered a new, sophisticated remote access trojan called ResolverRAT that has been observed in attacks targeting healthcare and pharmaceutical sectors. "The...

Learn how to harness the benefits of Model Context Protocol (MCP)-enabled AI systems without introducing risks to your organization.

NVIIA's incomplete security patch, combined with a Docker vulnerability, creates a serious threat for organizations using containerized environments. This article explains the risks and mitigation...

Microsoft held off on releasing the privacy-unfriendly feature after a swell of pushback last year. Now it’s trying again, with a few improvements that skeptics say still aren't enough.

Machine or programmatic identities, such as services, apps, scripts, bots, and other automated agents, are all working behind the scenes to automate workflows. In other words, machines and systems...

Car rental giant Hertz Corporation warns it suffered a data breach after customer data for its Hertz, Thrifty, and Dollar brands was stolen in the Cleo zero-day data theft attacks. [...]

Car rental giant Hertz Corporation warns it suffered a data breach after customer data for its Hertz, Thrifty, and Dollar brands was stolen in the Cleo zero-day data theft attacks. [...]

Cheap Android phones with preinstalled malware use fake apps like WhatsApp to hijack crypto transactions and steal wallet recovery phrases.

Cybersecurity researchers are calling attention to a new type of credential phishing scheme that ensures that the stolen information is associated with valid online accounts. The technique has...

The car rental giant attributed the breach to Cleo, whose customers had data stolen by a ransomware gang in 2024.

Symantec’s integration with Google’s Cloud WAN delivers up to 100X the bandwidth of competing solutions by eliminating complexity and scalability concerns of traditional GRE VPN connections