October 17, 2024

APT34, also known as Earth Simnavaz, OilRig, MuddyWater, Crambus, Europium, Hazel Sandstorm, is a threat group associated with Iran's Ministry of Intelligence and Security (MOIS).

October 16, 2024

Iranian cybercriminals are penetrating critical infrastructure organizations to accumulate credentials and network data, which they subsequently sell on cybercriminal platforms.

October 16, 2024

Google, in collaboration with Mandiant security analysts, has reported a concerning trend in 2023 where 70% of disclosed vulnerabilities that were actively exploited were zero-days.

October 16, 2024

A critical flaw has been identified in Kubernetes, an open-source platform used for automating the deployment, scaling, and operation of application containers.

October 16, 2024

ScarCruft, a North Korean threat actor, has been associated with exploiting a zero-day vulnerability in Windows to infect devices with RokRAT malware.

October 16, 2024

The Sidewinder APT group, known to be sponsored by India, has broadened its attack scope, targeting multiple entities across Asia, Africa, the Middle East, and Europe.

October 16, 2024

GitHub has rectified a critical vulnerability in its Enterprise Server that was capable of providing unauthorized access to the affected instances.

October 15, 2024

China's National Computer Virus Emergency Response Center (CVERC) has accused the U.S. and its allies of inventing the Volt Typhoon cyber threat to hide their own cyber espionage activities.

October 14, 2024

A trio of zero-day vulnerabilities in Ivanti's Cloud Service Appliance (CSA) has been leveraged by a highly skilled cyberattacker to breach a target network and carry out malicious activities.

October 14, 2024

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has recently included new vulnerabilities in its Known Exploited Vulnerabilities (KEV) catalog.