New mobile apps from the Chinese artificial intelligence (AI) company DeepSeek have remained among the top three "free" downloads for Apple and Google devices since their debut on Jan. 25, 2025....

2025-01-29 • SecurityScorecard • SecurityScorecard STRIKE Team • js.beavertail, py.invisibleferret Open article on Malpedia

2025-02-04 • Trend Micro • Peter Girnus • win.smokeloader Open article on Malpedia

Bogus websites advertising Google Chrome have been used to distribute malicious installers for a remote access trojan called ValleyRAT. The malware, first detected in 2023, is attributed to a...

Ransomware attacks netted cybercrime groups a total of $813.5 million in 2024, a decline from $1.25 billion in 2023. The total amount extorted during the first half of 2024 stood at $459.8...

Thorsten examines last year’s CVE list and compares it to recent Talos Incident Response trends. Plus, get all the details on the new vulnerabilities disclosed by Talos’ Vulnerability Research Team.

Following allegations of potential abuse, Paragon Solutions has cut off Italy from its spyware systems. © 2024 TechCrunch. All rights reserved. For personal use only.

Barracuda's flexible deployment options ensure that businesses of all sizes and industries can implement advanced email security in a way that aligns with their operational requirements, technical...

US and Europol dismantle neo-Nazi child abuse network in global crackdown against online exploitation

Ransomware payments dropped 35% in 2024 due to law enforcement crackdowns and stronger cyber defenses, forcing attackers to adapt with new tactics.

A new malware campaign dubbed SparkCat has leveraged a suit of bogus apps on both Apple's and Google's respective app stores to steal victims' mnemonic phrases associated with cryptocurrency...

Privileged Access Management (PAM) has emerged as a cornerstone of modern cybersecurity strategies, shifting from a technical necessity to a critical pillar in leadership agendas. With the PAM...

The North Korea-linked nation-state hacking group known as Kimsuky has been observed conducting spear-phishing attacks to deliver an information stealer malware named forceCopy, according to new...

You arrive at the office, power up your system, and panic sets in. Every file is locked, and every system is frozen. A ransom demand flashes on your screen: "Pay $2 million in Bitcoin within 48...

Patchstack urges admins to patch new WordPress ASE plugin vulnerability that lets users restore previous admin privileges

Russian intelligence services are using messaging apps and online forums to recruit Ukrainian citizens for terrorist attacks, promising quick payoffs, according to Ukraine’s law enforcement.

DeepSeek-R1 LLM fails 58% of jailbreak attacks in Qualys security analysis. Learn about the vulnerabilities, compliance concerns, and risks for enterprise adoption.

The fixes secure several WiFi 6 access points and Nighthawk Pro Gaming routers from two critical bugs.

Mark E. Green, a Republican representative from Tennessee and the chairman of the U.S. House Committee on Homeland... The post Cyber PIVOTT Act reintroduced to address critical cybersecurity...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA), in partnership with international and other U.S. organizations, released this... The post CISA, NSA, global partners issue...

The U.S. Health-ISAC published a whitepaper addressing the tasks needed to maintain the cyber resilience of medical devices... The post US Health-ISAC whitepaper highlights cybersecurity...

A widely used python module for machine-learning developers can be loaded with malware and bypass detection measures. The post Hugging Face platform continues to be plagued by vulnerable ‘pickles’...

Microsoft warns that attackers are deploying malware in ViewState code injection attacks using static ASP. NET machine keys found online. [...]

Artificial intelligence (AI) is not just a buzzword or a futuristic movie plot — it’s a transformative force reshaping industries and redefining our daily lives. At home, AI-powered virtual...

The company has upped its reward for red-teaming Constitutional Classifiers. Here's how to try.

EmberOT, provider of industrial asset and network monitoring solutions, is pleased to announce that Simon Chassar has joined... The post Simon Chassar now part of EmberOT industrial security...

This new independent non-profit was set up by the UK insurance industry to bring more transparency around cyber events

Here's what happened, what Grubhub has done about it, and what you should do too.

ASEC Blog publishes “Android Malware & Security Issue 1st Week of February, 2025”

Overview AhnLab is monitoring Advanced Persistent Threat (APT) attacks in South Korea using its own infrastructure. This report covers the classification and statistics of APT attacks in South...