Threat intelligence firm GreyNoise is warning of a "coordinated surge" in the exploitation of Server-Side Request Forgery (SSRF) vulnerabilities spanning multiple platforms. "At least 400 IPs have...

The best end-to-end encrypted messaging app has a host of security features. Here are the ones you should care about.

The Cybersecurity and Infrastructure Security Agency confirmed this week that it is cutting funding for cybersecurity intelligence sharing bodies amid a wider campaign of firings and budget cuts...

Facebook is warning that a FreeType vulnerability in all versions up to 2.13 can lead to arbitrary code execution, with reports that the flaw has been exploited in attacks. [...]

During an Advanced Continual Threat Hunt (ACTH) investigation in early February 2025, Trustwave SpiderLabs discovered a resurgence of fake CAPTCHA verifications designed to deceive victims into...

iOS 18.3.2 patches actively exploited WebKit flaw, addressing critical security risks for users

“No Lives Matter” has emerged in recent months as a particularly violent splinter group within the extremist crime network known as Com and 764, and experts are at a loss for how to stop its spread.

In a new round of cuts since Donald Trump became president, 100 people working with the US Cybersecurity and Infrastructure Agency saw their contracts terminated

UNC3886 hackers target Juniper routers with custom backdoor malware, exploiting outdated systems for stealthy access and espionage. Learn how to stay protected.

Follow the 'I'm not a robot' CAPTCHA, and you might just end up with malware on your PC.

2025-03-12 • Mandiant • Frank Tse, Jakub Jozwiak, Logeswaran Nadarajan, Lukasz Lamparski, Mathew Potaczek, Mustafa Nasser, Nick Harbour, Punsaen Boonyakarn, Shawn Chew • elf.tinyshell Open article...

Garantex co-founder Aleksej Besciokov was arrested in India's Kerala on Tuesday under the country's extradition law. © 2024 TechCrunch. All rights reserved. For personal use only.

We’ve been hearing the same story for years: AI is coming for your job. In fact, in 2017, McKinsey printed a report, Jobs Lost, Jobs Gained: Workforce Transitions in a Time of Automation,...

The March update keeps getting worse for Pixel phone users.

CISA says the Medusa ransomware operation has impacted over 300 organizations in critical infrastructure sectors in the United States until last month. [...]

Microsoft on Tuesday released security updates to address 57 security vulnerabilities in its software, including a whopping six zero-days that it said have been actively exploited in the wild. Of...

ASEC Blog publishes Ransom & Dark Web Issues Week 2, March 2025 New ransomware group SecP0 demands ransom for corporate vulnerabilities. Pro-Palestinian hacktivist group RipperSec claims DDoS...

Note This trend report on the deep web and dark web of February 2025 is sectioned into Ransomware, Data Breach, DarkWeb, CyberAttack, and Threat Actor. We would like to state beforehand that some...

On March 5, AhnLab SEcurity intelligence Center (ASEC) found a post recruiting students for a unification-related course, which included a link to download a malicious HWP document. At the time of...

The encrypted messaging app Signal has stopped responding to requests from Ukrainian law enforcement regarding Russian cyber threats, a Ukrainian official claimed, warning that the shift is aiding...

It’s easy for Enterprise architect Marvin Solis to outline Nuvision Credit Union’s business strategy: “The first question we ask ourselves is, ‘How is this going to benefit our members?’” Founded...

Surging machine identities, faster threat detection and fewer vulnerabilities are shaping cloud security according to a new report

2025-03-11 • The Hacker News • Ravie Lakshmanan • win.asyncrat, win.njrat, win.quasar_rat, win.remcos Open article on Malpedia

Mandiant revealed that Chinese espionage actor UNC3886 has deployed modified versions of the TinyShell backdoor across multiple Juniper OS routers

Written by: Lukasz Lamparski, Punsaen Boonyakarn, Shawn Chew, Frank Tse, Jakub Jozwiak, Mathew Potaczek, Logeswaran Nadarajan, Nick Harbour, Mustafa Nasser Introduction In mid 2024, Mandiant...

Tel Aviv, Israel, 12th March 2025, CyberNewsWire

A new Android spyware named 'KoSpy' is linked to North Korean threat actors who have infiltrated Google Play and third-party app store APKPure through at least five malicious apps. [...]

Indian authorities arrested Aleksej Besciokov, the co-founder and one of the administrators of the Russian Garantex crypto-exchange while vacationing with his family in Varkala, India. [...]

This update also re-enables Apple Intelligence for those who previously had turned off this feature. Here's how to fix that, too.

Following last month’s research on a new campaign by the Chinese threat actor Silver Fox, which exploited Philips... The post Forescout widens research on Silver Fox hackers, reveals malware...