HaveIbeenPwned (HIBP) website has significantly expanded its database with hundreds of millions of newly compromised credentials extracted by hackers though infostealer logs.

Microsoft has removed two popular VSCode extensions, 'Material Theme - Free' and 'Material Theme Icons - Free,' from the Visual Studio Marketplace for allegedly containing malicious code. [...]

Ransomware groups now steal, encrypt, and threaten to leak company data on the dark web, forcing victims to pay or risk exposing sensitive information.

SESC catches every single move in real-world attack simulations

2025 Trustwave Risk Radar Report Unveils Top Cyber Threats to Manufacturing: Discover the key cybersecurity challenges facing the manufacturing sector in 2025, including ransomware, phishing, and...

The Black Basta ransomware group has fallen off dramatically in 2025, and chat logs leaked recently show that internal squabbling may be behind the group’s slowed activity. Cyble threat...

A 21-year-old East London resident tied to a "Com" cybercrime network has been convicted of fraud and making indecent images of children, authorities said.

Despite employers requiring their employees to complete yearly cybersecurity training courses, human-driven cybersecurity breaches still happen. The problem could even get substantially worse as...

Meredith Whittaker, Signal's CEO, has threatened to pull the company out of Sweden if a proposed government bill requiring encryption backdoors becomes law

Sweden’s proposal to mandate encryption backdoors faces backlash from Signal, cybersecurity experts, and even its military over privacy and security risks.

A DHS and Cybercom alum shares initial reactions to and future considerations for the JCDC AI Cybersecurity Collaboration Playbook. The post CISA’s AI cybersecurity playbook calls for greater...

A malicious PyPi package named 'automslc' has been downloaded over 100,000 times from the Python Package Index since 2019, abusing hard-coded credentials to pirate music from the Deezer streaming...

​Forensic investigators have found that North Korean Lazarus hackers stole $1.5 billion from Bybit after hacking a developer's device at the multisig wallet platform Safe{Wallet}. [...]

The immensely popular memecoin generator Pump.fun had its X account hacked to promote a fake "PUMP" token cryptocurrency scam. [...]

Koi Stealer and RustDoor malware were used in a campaign linked to North Korea. This activity targeted crypto wallet owners. The post RustDoor and Koi Stealer for macOS Used by North Korea-Linked...

HaveIBeenPwned has added over 500 million new passwords and email addresses lifted via infostealers

Following the investigation into UAC-0212’s increasing activity against multiple organizations in Ukraine’s critical infrastructure sector, CERT-UA notifies the global cyber defender community of...

The Australian Department of Home Affairs has mandated that government entities must prevent the installation of products and... The post Australia bans Kaspersky Lab products on government...

IVF clinic Genea has confirmed that stolen patient data has been published online, with the Termite ransomware group appearing to be the perpetrators

New research from Forescout Technologies’ Vedere Labs has recognized that the healthcare sector continues to be a prime... The post Forescout details Silver Fox campaign targeting healthcare with...

Genea gets a court injunction after ransomware gang Termite claims to have leaked patient information © 2024 TechCrunch. All rights reserved. For personal use only.

A threat actor tracked as 'EncryptHub,' aka Larva-208, has been targeting organizations worldwide with spear-phishing and social engineering attacks to gain access to corporate networks. [...]

Xona, a provider of secure access solutions for critical infrastructure, announced a partnership with OTconnect, a cybersecurity leader... The post Xona and OTconnect unite to revolutionize secure...

A data breach at DISA Global Solutions exposed the personal information of 3.3 million. Learn what data was…

A data breach at DISA Global Solutions, a firm providing background checks, and drugs and alcohol testing services,…

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday placed two security flaws impacting Microsoft Partner Center and Synacor Zimbra Collaboration Suite (ZCS) to its Known...

Data exposed even briefly can live on in generative AI chatbots long after the data is made private. © 2024 TechCrunch. All rights reserved. For personal use only.

Data exposed even briefly can live on in generative AI chatbots long after the data is made private. © 2024 TechCrunch. All rights reserved. For personal use only.

Windows Active Directory (AD) service accounts are prime cyber-attack targets due to their elevated privileges and automated/continuous access to important systems. Learn from Specops Software...

This report provides statistics on vulnerabilities and exploits and discusses the most frequently exploited vulnerabilities in Q4 2024.