Network edge devices — hardware that powers firewalls, VPNs and network routers — have quickly moved up the list of attackers’ preferred intrusion points into enterprise networks. While dozens of...
From crypto kingpins to sophisticated scammers, these are the lesser-known hacking groups that should be on your radar.
Though less well-known than groups like Volt Typhoon and Salt Typhoon, Brass Typhoon, or APT 41, is an infamous, longtime espionage actor that foreshadowed recent telecom hacks.
Despite their hacktivist front, CyberAv3ngers is a rare state-sponsored hacker group bent on putting industrial infrastructure at risk—and has already caused global disruption.
Allegedly responsible for the theft of $1.5 billion in cryptocurrency from a single exchange, North Korea’s TraderTraitor is one of the most sophisticated cybercrime groups in the world.
After a series of setbacks, the notorious Black Basta ransomware gang went underground. Researchers are bracing for its probable return in a new form.
For the past decade, this group of FSB hackers—including “traitor” Ukrainian intelligence officers—has used a grinding barrage of intrusion campaigns to make life hell for their former countrymen...
Millions of scam text messages are sent every month. The Chinese cybercriminals behind many of them are expanding their operations—and quickly innovating.
CA/Browser Forum members have voted in favor of shortening TLS/SSL certificate lifespans to 47 days
Microsoft says some users might see 0x80070643 installation failures when trying to deploy the April 2025 Windows Recovery Environment (WinRE) updates. [...]
2025-04-11 • Reliaquest • RELIAQUEST THREAT RESEARCH TEAM
0/ TL;DR
North Korean state-sponsored group Slow Pisces (Jade Sleet) targeted crypto developers with a social engineering campaign that included malicious coding challenges.
Experts have warned that threat actors could hijack AI hallucinations in “slopsquatting” attacks
Each Monday, the Tenable Exposure Management Academy provides the practical, real-world guidance you need to shift from vulnerability management to exposure management. In this post, we feature...
Academic institutions have a unique set of characteristics that makes them attractive to bad actors. What's the right antidote to cyber-risk?
Hackers exploit Fortinet flaws to plant stealth backdoors on FortiGate devices, maintaining access even after patches. Update to…
Microsoft has released emergency Windows updates to address a known issue affecting local audit logon policies in Active Directory Group Policy. [...]
Data breach at Laboratory Services Cooperative (LSC) exposed the sensitive health and personal information of 1.6 million individuals…
In this episode of The Cyber Express Podcast, Augustin Kurian, Editor-in-Chief of The Cyber Express, sits down with Zahid Altaf, Senior Manager of Data Protection and Security Awareness at Majid...
According to references spotted on OpenAI's website, the Microsoft-backed AI startup is planning to launch five new models this week, including GPT-4.1, 4.1 nano, and 4.1 mini. [...]
By Salleh Kodri, SE Regional Manager, Cyble. Southeast Asia is undergoing rapid digital transformation—bringing a surge in cybercrime that threatens national security, public trust, and regional...
Microsoft warned IT admins that some Windows Server 2025 domain controllers might become inaccessible after a restart, causing apps and services to fail or remain unreachable. [...]
Trend Micro uncovered a previously unseen controller used in BPFDoor campaigns, attributing it to Earth Bluecrow (also known as Red Menshen), a state-sponsored APT group. BPFDoor is a stealthy...
1) Introduction: During the breach investigation process, the AhnLab SEcurity intelligence Center (ASEC) discovered a new operation related to the Kimsuky group and named it Larva-24005. The...
Google is fixing a long-standing privacy issue that, for years, enabled websites to determine users' browsing history through the previously visited links. [...]
Growing hostile cyber threats and attacks have led to a surge in critical organizations increasingly focusing their resources...
An email sent by the Department of Homeland Security instructs people in the US on a temporary legal status to leave the country. But who the email actually applies to—and who actually received...
In March 2025, data from Samsung Germany was compromised in a data breach of their logistics provider, Spectos. Allegedly due to credentials being obtained by malware running on a Spectos...