The threat actor known as EncryptHub exploited a recently-patched security vulnerability in Microsoft Windows as a zero-day to deliver a wide range of malware families, including backdoors and...
Morse Corp Inc., a Massachusetts-based defense contractor, has agreed to pay $4.6 million to resolve allegations of cybersecurity fraud under the False Claims Act. The U.S. Department of Justice...
The Russian-speaking hacking group called RedCurl has been linked to a ransomware campaign for the first time, marking a departure in the threat actor's tradecraft. The activity, observed by...
The Trump cabinet’s shocking leak of its plans to bomb Yemen raises myriad confidentiality and legal issues. The security of the encrypted messaging app Signal is not one of them.
CVE-2025-22230 is described as an "authentication bypass vulnerability" by Broadcom, allowing hackers to perform high-privilege operations without the necessary credentials.
One academic who reviewed the dataset said it was "clear evidence" that China, or its affiliates, wants to use AI to improve repression.
Security researchers at ReversingLabs have discovered a new malware campaign on the npm package repository, revealing a new…
Need serious privacy on a regular basis? Work with these distributions, and you'll leave no trace. There's even a Windows and MacOS option.
Are you backing up all of your applications and data types? Is your backup secure? World Backup Day is the perfect time for you to spend some time evaluating your data protection.
Cybersecurity researchers have discovered two malicious packages on the npm registry that are designed to infect another locally installed package, underscoring the continued evolution of software...
“A boxer derives the greatest advantage from his sparring partner…” — Epictetus, 50–135 AD Hands up. Chin tucked. Knees bent. The bell rings, and both boxers meet in the center and circle. Red...
Researchers have uncovered a critical vulnerability (CVE-2025-29927) in Next.js middleware, allowing authorization bypass. Learn about the exploit and fixes.
In its 2025 Global Third-Party Breach Report, SecurityScorecard has found that 35.5% of all cyber breaches in 2024 were third-party related, up from 29% in 2023.
The proliferation of scarily realistic deepfakes is one of the more pernicious byproducts of the rise of AI, and falling victim to scams based on them is already costing companies millions of...
Despite Oracle denying a breach of its Oracle Cloud federated SSO login servers and the theft of account data for 6 million people, BleepingComputer has confirmed with multiple companies that...
Researchers aren’t aware of active exploitation in the wild, but they warn the risk for publicly exposed and unpatched Ingress Nginx controllers is extremely high. The post String of defects in...
“We applaud Chairman Carr’s leadership in advancing common-sense regulatory reform. Modernizing these outdated rules will allow for greater investment in critical network infrastructure, ensuring...
Incorrect Privilege Assignment vulnerability (CVE-2025-2098) has been found in Fast CAD Reader (Beijing Honghu Yuntu Technology) application.
When people think of cybersecurity threats, they often picture external hackers breaking into networks. However, some of the most damaging breaches stem from within organizations. Whether through...
APT groups from China were ranked among the top global cyber threats alongside North Korea, russia, and Iran, showcasing heightened offensive capabilities and posing significant challenges to the...
Colin Ahern sat down with Recorded Future News earlier this year to discuss New York’s efforts to protect local governments from ransomware and more.
AI tools will be used in your work—here’s how to make them safe
ASEC Blog publishes Ransom & Dark Web Issues Week 4, March 2025 * New ransomware group Arkana Security claims attack on a US telecommunications company. * New ransomware group Frag claims attacks...
Overview: Mark of the Web (MoTW) is a Windows feature that identifies files downloaded from the Internet and displays a security warning, as well as restricts the files to be executed with a...
2025-03-15 • Github (TheRavenFile) • Rakesh Krishnan • py.anubisbackdoor
ESET researchers discover new ties between affiliates of RansomHub and of rival gangs Medusa, BianLian, and Play
ESET researchers uncover the toolset used by the FamousSparrow APT group, including two undocumented versions of the group’s signature backdoor, SparrowDoor
Cloud-based streaming company StreamElements confirms it suffered a data breach at a third-party service provider after a threat actor leaked samples of stolen data on a hacking forum. [...]
Threat actors are leveraging an e-crime tool called Atlantis AIO Multi-Checker to automate credential stuffing attacks, according to findings from Abnormal Security. Atlantis AIO "has emerged as a...