Microsoft exposes Storm-2139, a cybercrime network exploiting Azure AI via LLMjacking. Learn how stolen API keys enabled harmful…

One of the most notorious providers of abuse-friendly "bulletproof" web hosting for cybercriminals has started routing its operations through networks run by the Russian antivirus and security...

Not getting enough views or traffic to your podcasts? Try this stunning AI audio-to-video generator to transform your…

Remote Desktop Protocol (RDP) is an amazing technology developed by Microsoft that lets you access and control another computer over a network. It’s like having your office computer with you...

Amnesty International said that Google fixed previously unknown flaws in Android that allowed authorities to unlock phones using forensic tools. On Friday, Amnesty International published a report...

U.S. authorities recovered $31 million in cryptocurrency stolen in 2021 cyberattacks on Uranium Finance, a Binance Smart Chain-based DeFi protocol. [...]

Cybersecurity researchers have uncovered a widespread phishing campaign that uses fake CAPTCHA images shared via PDF documents hosted on Webflow's content delivery network (CDN) to deliver the...

360XSS campaign exploits Krpano XSS to hijack search results & distribute spam ads on 350+ sites, including government,…

The internet is crucial to today’s digital landscape. As consumers, we rely on the internet daily to communicate with others and navigate the world. For organizations, the internet is the...

JavaGhost uses compromised AWS environments to launch phishing campaigns. Thai police arrest suspected hacker behind more than 90 data leaks. Lotus Blossum cyberespionage campaigns target Southeast Asia.

Experts share a powerful framework and strategies for effective board meeting preparation and communication.

School student records. Federal government data. Health records and more. Expect an unprecedented year for data breaches. © 2024 TechCrunch. All rights reserved. For personal use only.

Microsoft on Thursday unmasked four of the individuals that it said were behind an Azure Abuse Enterprise scheme that involves leveraging unauthorized access to generative artificial intelligence...

A dataset used to train large language models (LLMs) has been found to contain nearly 12,000 live secrets, which allow for successful authentication. The findings once again highlight how...

2025-02-27 • Check Point Research • Itay Cohen Open article on Malpedia

2025-02-27 • Palo Alto Networks Unit 42 • Lior Rochberger, Tom Fakterman • elf.finaldraft, win.finaldraft Open article on Malpedia

The threat actor known as Sticky Werewolf has been linked to targeted attacks primarily in Russia and Belarus with the aim of delivering the Lumma Stealer malware by means of a previously...

For legitimate purposes, these VPNs are the best options available for supporting safe, secure, and speedy downloads.

“Operation Cumberland,” led by Danish law enforcement, included the arrests of more than two dozen suspected members of a group distributing sexual images of minors generated by artificial intelligence.

The Click Here podcast caught up with Anne Neuberger, the former White House deputy national security advisor for cyber and emerging technologies on the sidelines of this year’s Munich Security Conference.

2025-02-25 • Félix Aime, Jeremy Scion, Sekoia TDR • elf.polaredge Open article on Malpedia

Data from Resilience found that third-party attacks made up 23% of material cyber insurance claims in 2024, with ransomware attacks targeting vendors a major driver

Black Basta chat logs reveal threat intel, Termite ransomware leaks patient data on the dark web, and Ghostwriter targets Belarusian opposition.

The hackers reportedly exploited a flaw in US cybersecurity firm Barracuda’s software to access VSSE's email server © 2024 TechCrunch. All rights reserved. For personal use only.

Researchers from Modat detailed a significant global security risk stemming from misconfigured and inadequately secured access management systems... The post Modat researchers reveal massive AMS...

2025-02-24 • Palo Alto Networks Unit 42 • Alex Armstrong Open article on Malpedia

The Qilin ransomware gang has claimed responsibility for the attack at Lee Enterprises that disrupted operations on February 3, leaking samples of data they claim was stolen from the company. [...]

2025-02-24 • EUR-Lex • Official Journal of the European Union Open article on Malpedia

2025-02-26 • FBI • IC3 Open article on Malpedia

2025-02-27 • Elastic • Ruben Groenewoud • sh.panix Open article on Malpedia