May 5, 2024

Both NATO and the European Union have issued statements condemning the cyber espionage activities conducted by the APT28 threat actor, which is linked to Russia.

May 2, 2024

A previously unseen botnet, termed Goldoon, is exploiting a critical security flaw in D-Link routers that dates back nearly a decade.

May 1, 2024

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about active exploitation of a high-severity GitLab vulnerability.

April 30, 2024

Cyberattackers are increasingly using removable media, specifically USB devices, to infiltrate operational technology (OT) networks.

April 29, 2024

A newly identified security vulnerability in the R programming language could be exploited to execute code when a malicious RDS file is loaded and referenced.

April 29, 2024

Multiple vulnerabilities have been identified in Brocade's SANnav storage area network (SAN) management application, posing a potential threat to affected devices.

April 28, 2024

Deep Instinct Threat Lab has detected a targeted cyber operation against Ukraine that exploits a nearly seven-year-old vulnerability in Microsoft Office.

April 25, 2024

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) catalog to include significant flaws in Cisco's Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) firewalls, and CrushFTP's Virtual File System (VFS).

April 25, 2024

The Lazarus Group, a North Korean threat actor, has been discovered using a new remote access trojan (RAT) named Kaolin RAT.

April 25, 2024

Over 1,400 CrushFTP servers that are accessible online have been identified as being susceptible to a critical server-side template injection (SSTI) vulnerability, which is currently under active exploitation.