Hackers have long used Word and Excel documents as delivery vehicles for malware, and in 2025, these tricks are far from outdated. From phishing schemes to zero-click exploits, malicious Office...

Russian authorities said they arrested three people and seized hardware in an operation against Mamont malware, which specializes in stealing money from Android device users.

Your Venmo activity is public by default. Here's why that's a problem and how to fix it.

The European Union Agency for Cybersecurity (ENISA) has released an analysis of the cybersecurity threats to the space... The post ENISA space threat landscape report highlights cybersecurity gaps...

ASEC Blog publishes “Mobile Security & Malware Issue 4st Week of March, 2025”

null MD5 01c466ac5ea1817f23d7bbe5e46fef87 10e7ffbdcf6a3a9cd34ce965efc5e2a7 60de322d3291b416f173d3f543a564fe 63cf524262372fc0e9db338d1d9264ad

AhnLab SEcurity intelligence Center (ASEC) recently identified a phishing malware being distributed in Scalable Vector Graphics (SVG) format. SVG is an XML-based vector image file format commonly...

The International Civil Aviation Organization (ICAO), International Telecommunication Union (ITU) and International Maritime Organization (IMO) recently expressed ‘grave... The post ICAO, ITU, IMO...

Claroty, a cyber-physical systems protection firm, analyzed over 2.25 million Internet of Medical Things (IoMT) devices and more... The post Claroty reports alarming IoMT, OT device risks as...

NeoSystems LLC, vendor of managed services, consulting, and compliant hosting solutions for government contractors, announced Wednesday that it... The post NeoSystems achieves perfect score in...

DDoS attacks don't take much technical expertise to launch these days. Defending against them is more complicated.

DeNexus, vendor of end-to-end cyber risk management for operational technology (OT) in Industrial Enterprises and Critical Infrastructures with... The post DeNexus improves OT vulnerability...

A China-linked cyberespionage group known as 'FamousSparrow' was observed using a new modular version of its signature backdoor 'SparrowDoor' against a US-based trade organization. [...]

Before diving into the Windows 11 2024 update, know that you may encounter some problems. Here's the bug report now.

​​Microsoft has released the KB5053656 preview cumulative update for Windows 11 24H2 with 38 changes, including real-time translation on AMD and Intel-powered Copilot+ PCs and fixes for...

Go-Spoof brings an old tool to a new language. The Golang rewrite [of Portspoof] provides similar efficiency and all the same features of the previous tool but with easier setup and useability....

“We have discovered and reported dozens of zero-day exploits actively used in attacks, but this particular exploit is certainly one of the most interesting we’ve encountered,” researchers from...

Two investigative journalists in Serbia were targeted with advanced commercial spyware last month, Amnesty International said Thursday.

An ongoing campaign that infiltrates legitimate websites with malicious JavaScript injects to promote Chinese-language gambling platforms has ballooned to compromise approximately 150,000 sites to...

It's using AI to score notifications based on importance, so mundane events like cars driving by won't flood your phone with alerts.

Cary, North Carolina, 27th March 2025, CyberNewsWire

ESET researchers also examine the growing threat posed by tools that ransomware affiliates deploy in an attempt to disrupt EDR security solutions

​In May, Microsoft plans to roll out a new Windows scheduled task that launches automatically to help Microsoft Office apps load faster. [...]

The ICO’s Deputy Commissioner told Infosecurity that organizations that fail to implement MFA and suffer a breach can expect heavy penalties

A new report sheds light on the most targeted WordPress plugin vulnerabilities hackers used in the first quarter of 2025 to compromise sites. [...]

Cybersecurity researcher Jeremiah Fowler discovered a data exposure at Australian fintech Vroom by YouX, exposing 27,000 records, including driver's licenses, bank statements, and more.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two six-year-old security flaws impacting Sitecore CMS and Experience Platform (XP) to its Known Exploited...

A critical security flaw has been disclosed in NetApp SnapCenter that, if successfully exploited, could allow privilege escalation. SnapCenter is an enterprise-focused software that's used to...

Once considered inactive, the Chinese cyber espionage group FamousSparrow has reemerged, targeting organizations across the US, Mexico and Honduras

Understanding trends amidst noise: tracking shifts in security alerts allows cloud defenders to parse threats from attackers targeting IAM, storage and more. The post Cloud Threats on the Rise:...