December 22, 2023

A new phishing campaign is exploiting the unfamiliarity of the security community with the Nim programming language to deliver a backdoor.

December 22, 2023

The threat actor UAC-0099 is exploiting a high-risk vulnerability in WinRAR software to deploy the LONEPAGE malware against Ukrainian organizations.

December 22, 2023

Microsoft has alerted the Defense Industrial Base (DIB) sector about a new threat from a backdoor named 'FalseFont'.

December 21, 2023

An unidentified threat group, referred to as 'BattleRoyal', has been conducting various social engineering campaigns this fall, targeting organizations in North America.

December 20, 2023

Google has issued urgent updates to address yet another Chrome zero-day vulnerability that has been exploited in the wild, marking the eighth such vulnerability patched since the year began.

December 20, 2023

Ivanti, a software company, has issued security patches for 13 critical vulnerabilities in its Avalanche enterprise mobile device management (MDM) solution.

December 20, 2023

Cybercriminals are leveraging a six-year-old vulnerability in Microsoft Office to distribute spyware via a complex email campaign.

December 20, 2023

WordPress, the platform driving more than 43% of all online sites, is often the focus of cybercriminals' activities.

December 19, 2023

Comcast's Xfinity is alerting its customers to a data breach resulting from a cyberattack that utilized the CitrixBleed vulnerability.

December 19, 2023

This week, researchers revealed details about two security flaws found in Microsoft Outlook that when combined, enable attackers to execute arbitrary code on the affected systems without requiring any user intervention.