The group compromised at least 10 regional organizations, including two state-owned entities, and deployed a new backdoor.
Attackers don't need any special authentication to reach a target endpoint — they just need to know where it is.
As AI reshapes cybersecurity workflows, John Paul Cunningham, CISO at SIlverfort, says there are more ways than ever to break ...
Separate but similar campaigns described by Microsoft and Trend Micro use malicious zip files to spread malware via social ...
The infostealer was delivered via CVE-2026-48558, a critical authentication bypass vulnerability in SimpleHelp.
One critical vulnerability, among many discovered by a researcher, could have allowed anyone to walk in and take over a ...
Iran, Russia, and China target water systems through weak passwords and exposed PLCs/HMIs, aiming for psychological impact ...
Adversaries could plant a malicious repository that executes arbitrary code and steals cloud credentials, showcasing MCP risk ...
Schools face rising cyber threats from third-party software attacks as criminals exploit vendor vulnerabilities for ransom ...
The latest reporters' notebook explores educational institutions, edtech vendors, and the challenges schools are up against ...
Cisco's recent acquisitions of Astrix Security and WideField Security will help enterprises secure AI agents and non-human ...
Attackers can exploit the issue to disable security and integrated browser tools without needing administrator privileges or ...