Cybersecurity researcher Jeremiah Fowler discovered a 1.2TB database containing over 3 million records of Builder.ai, a London-based AI software and app development company. Discover the risks,...

Some of the world's most popular router and modem models have been connected to several high-profile hacking incidents. (Also, they're made in China.)

Before the elections, the cybersecurity team of U.S. vice president and then-presidential candidate Kamala Harris reached out to Apple asking for help, according to Forbes, after a tool that’s...

The developers of Rspack have revealed that two of their npm packages, @rspack/core and @rspack/cli, were compromised in a software supply chain attack that allowed a malicious actor to publish...

The software development industry is expanding tremendously. It drives up the need for technical people and new solutions.…

Sophos has released hotfixes to address three security flaws in Sophos Firewall products that could be exploited to achieve remote code execution and allow privileged system access under certain...

Dive into the complexities of AWS IAM credentials and uncover how defenders can stay ahead with in-depth knowledge of SDK behaviors and service-specific mechanisms.

Three popular npm packages, @rspack/core, @rspack/cli, and Vant, were compromised through stolen npm account tokens, allowing threat actors to publish malicious versions that installed cryptominers. [...]

The Security Service of Ukraine has accused Russian-linked actors of perpetrating a cyber-attack against the state registers of Ukraine

The LockBitSupp persona said LockBit 4.0 will be launched in February 2025

XSS (Cross-site Scripting) vulnerability (CVE-2024-10385) has been found in DirectAdmin Evolution Skin software.

A now-patched critical security flaw impacting Fortinet FortiClient EMS is being exploited by malicious actors as part of a cyber campaign that installed remote desktop software such as AnyDesk...

The US Department of Justice has charged a Russian-Israeli dual-national for his suspected role in developing malware and managing the infrastructure for the notorious LockBit ransomware group. [...]

The FBI has issued a warning about the Hiatus RAT malware targeting Xiongmai and Hikvision web cameras and DVRs, urging users isolate these devices from networks

This article demonstrates how AI can be used to modify and help detect JavaScript malware. We boosted our detection rates 10% with retraining. The post Now You See Me, Now You Don’t: Using LLMs to...

Discover how Zimperium can help with advanced spyware such as NoviSpy. The post How Zimperium Can Help With Advanced Spyware Such as NoviSpy appeared first on Zimperium.

Discover how Zimperium can help with advanced spyware such as NoviSpy. The post How Zimperium Can Help With Advanced Spyware Such as NoviSpy appeared first on Zimperium.

The US Cybersecurity and Infrastructure Security Agency recommended users turn on phishing-resistant MFA and switch to Signal-like apps for messaging

Sophos has addressed three vulnerabilities in its Sophos Firewall product that could allow remote unauthenticated threat actors to perform SQL injection, remote code execution, and gain privileged...

Sophos has addressed three vulnerabilities in its Sophos Firewall product that could allow remote unauthenticated threat actors to perform SQL injection, remote code execution, and gain privileged...

While investigating an incident involving the BellaCiao .NET malware, Kaspersky researchers discovered a C++ version they dubbed "BellaCPP".

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) products to...

Take a peek into the murky world of cybercrime where groups of scammers who go by the nickname of 'Neanderthals’ wield the Telekopye toolkit to ensnare unsuspecting victims they call 'Mammoths'

2024-12-18 • KELA • KELA’s Research Team Open article on Malpedia

2024-12-18 • Bleeping Computer • Sergiu Gatlan • win.raccoon, win.recordbreaker Open article on Malpedia

2024-12-19 • SpyCloud • James • win.lumma Open article on Malpedia

2024-12-13 • Bleeping Computer • Bill Toulas • apk.badbox Open article on Malpedia

2024-12-17 • BitSight • Pedro Falé • apk.badbox Open article on Malpedia

2024-12-19 • Bleeping Computer • Bill Toulas • apk.badbox Open article on Malpedia

A Dragos report observed 23 new ransomware groups targeting industrial organizations in Q3 2024