The Government Computer Emergency Response Team (CERT-UA) issued an important warning about a series of targeted cyberattacks aimed at employees within Ukraine's defense-industrial complex and...

Today, we are discussing Computer Vision applications, one of the most impactful AI-powered technologies that is reshaping our…

Axelar is a cross-chain bridging protocol. To come to an agreement on whether a cross-chain vote has happened or not, 60% of the stake on Axelar has to approve it. The voting is performed on the...

Researchers have uncovered new and evolving versions of the Albabat ransomware, which now target Windows, Linux, and macOS systems. These updated variants (v2.0.0 and v2.5) show a notable...

On March 21, 2025, CloudSEK reported that a threat actor using the alias "rose87168" is claiming to have exfiltrated over 6 million records from Oracle Cloud’s SSO and LDAP systems. According to...

Federal prosecutors said Matthew Weiss, a former assistant football coach at the University of Michigan, learned hacking skills to breach online databases, primarily targeting information about...

The order accused DOGE of engaging in a "fishing expedition" at the federal agency. © 2025 TechCrunch. All rights reserved. For personal use only.

YouTube videos promoting game cheats are being used to deliver a previously undocumented stealer malware called Arcane likely targeting Russian-speaking users. "What's intriguing about this...

North Korea is reportedly launching a new cybersecurity unit called Research Center 227 within its intelligence agency Reconnaissance General Bureau (RGB). © 2024 TechCrunch. All rights reserved....

Veeam has patched a critical remote code execution vulnerability tracked as CVE-2025-23120 in its Backup & Replication software that impacts domain-joined installations. [...]

Veeam has released security updates to address a critical security flaw impacting its Backup & Replication software that could lead to remote code execution. The vulnerability, tracked as...

In this week’s Threat Source newsletter, William pitches a fun comparison between baseball legend Ichiro Suzuki and the unsung heroes of information security, highlights newly released UAT-5918...

Citizen Lab's investigation reveals sophisticated spyware attacks exploiting WhatsApp vulnerabilities, implicating Paragon Solutions. Learn how their research exposed these threats and the...

CISA has warned U.S. federal agencies to secure their networks against attacks exploiting a high-severity vulnerability in NAKIVO's Backup & Replication software. [...]

Cybersecurity isn't just another checkbox on your business agenda. It's a fundamental pillar of survival. As organizations increasingly migrate their operations to the cloud, understanding how to...

In Part 1 of Fort Knox for Your Data: How Elasticsearch X-Pack Locks Down Your Cluster, we uncovered the dangers of running Elasticsearch with X-Pack disabled and thus, highlighting the ease with...

The FishMonger APT Group has been linked with I-SOON, targeting governments, NGOs and think tanks in cyber-espionage campaigns

In this guest blog post, learn the basics on how to build and maintain an effective AWS security posture leveraging various best practices.

The governments of Australia, Canada, Cyprus, Denmark, Israel, and Singapore are likely customers of spyware developed by Israeli company Paragon Solutions, according to a new report from The...

According to Barracuda Network’s Evolving Landscape of the MSP 2024 report, 38% of managed service providers (MSPs) offer security awareness training (SAT). However, experts say that the...

Threat intelligence startup GreyNoise says it has observed a ‘notable resurgence’ in attack activity © 2024 TechCrunch. All rights reserved. For personal use only.

Two malicious VSCode Marketplace extensions were found deploying in-development ransomware from a remote server, exposing critical gaps in Microsoft's review process. [...]

Regulatory compliance is no longer just a concern for large enterprises. Small and mid-sized businesses (SMBs) are increasingly subject to strict data protection and security regulations, such as...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity security flaw impacting NAKIVO Backup & Replication software to its Known Exploited Vulnerabilities (KEV)...

Attackers have started targeting Cisco Smart Licensing Utility (CSLU) instances unpatched against a vulnerability exposing a built-in backdoor admin account. [...]

ASEC Blog publishes “Mobile Security & Malware Issue 3st Week of March, 2025”

A new Zimperium report reveals that rooted Android phones and jailbroken iOS devices face growing threats, with advanced toolkits making detection nearly impossible for cybersecurity researchers.

The CYFIRMA research and advisory team uncovered the VanHelsing ransomware while monitoring various underground forums as part of... The post VanHelsing ransomware uses double extortion on US,...

The EN 18031 series of standards has been published in the Official Journal of the European Union as... The post EN 18031: The stepping stone for product security standardization appeared first on...

Trend Micro researchers discovered and reported the eight-year-old defect to Microsoft six months ago. The company hasn’t made any commitments to patch or remediate the issue. The post...