The group compromised at least 10 regional organizations, including two state-owned entities, and deployed a new backdoor.
Attackers don't need any special authentication to reach a target endpoint — they just need to know where it is.
As AI reshapes cybersecurity workflows, John Paul Cunningham, CISO at SIlverfort, says there are more ways than ever to break ...
Separate but similar campaigns described by Microsoft and Trend Micro use malicious zip files to spread malware via social ...
Iran, Russia, and China target water systems through weak passwords and exposed PLCs/HMIs, aiming for psychological impact ...
Adversaries could plant a malicious repository that executes arbitrary code and steals cloud credentials, showcasing MCP risk ...
The infostealer was delivered via CVE-2026-48558, a critical authentication bypass vulnerability in SimpleHelp.
One critical vulnerability, among many discovered by a researcher, could have allowed anyone to walk in and take over a ...
Schools face rising cyber threats from third-party software attacks as criminals exploit vendor vulnerabilities for ransom ...
Cisco's recent acquisitions of Astrix Security and WideField Security will help enterprises secure AI agents and non-human ...
In a report this week, ESET tracks 35 separate Gamaredon spear-phishing campaigns against Ukraine carried out last year. In ...
The latest reporters' notebook explores educational institutions, edtech vendors, and the challenges schools are up against ...