April 3, 2023

The cyberattack on 3CX's VoIP desktop application, which led to the distribution of information-stealing software to the company's customers, is believed to have been carried out by the Lazarus Group.

April 3, 2023

The Cybersecurity and Infrastructure Security Agency (CISA) has warned federal agencies to patch a Zimbra Collaboration (ZCS) cross-site scripting flaw, which has been exploited by Russian hackers to steal emails in attacks targeting NATO countries.

April 3, 2023

Europe, the United States, and Australia appear to be the most affected by the 3CX supply chain hack, according to data from cybersecurity firms Fortinet and BlackBerry.

March 31, 2023

A 10-year-old Windows vulnerability, CVE-2013-3900, continues to be exploited in attacks, making it appear that executables are legitimately signed.

March 30, 2023

A Russian hacking group known as TA473, or 'Winter Vivern,' has been exploiting vulnerabilities in unpatched Zimbra endpoints to access the emails of NATO officials, governments, military personnel, and diplomats since February 2023.

March 30, 2023

Microsoft has recently patched a critical remote code execution (RCE) vulnerability in its Azure Service Fabric component.

March 30, 2023

Multiple malware botnets have been actively targeting Cacti and Realtek vulnerabilities in campaigns detected between January and March 2023, spreading ShellBot and Moobot malware.

March 29, 2023

A critical bug in IBM's Aspera Faspex file transfer stack, tracked as CVE-2022-47986, is catching the attention of cybercriminals, including ransomware gangs, as organizations fail to patch.

March 29, 2023

Google's Threat Analysis Group (TAG) has shared information about two distinct, highly targeted campaigns that employed multiple zero-day and n-day exploits against Android, iOS, and Chrome devices.

March 29, 2023

Australian casino giant Crown Resorts has confirmed that the Cl0p ransomware group contacted them to claim the theft of data as part of the GoAnywhere attack.