News

FBI: Scammers pose as FBI IC3 employees to 'help' recover lost funds
The FBI warns that scammers posing as FBI IC3 employees are offering to "help" fraud victims recover money lost to other ...
SonicWall SMA VPN devices targeted in attacks since January
A remote code execution vulnerability affecting SonicWall Secure Mobile Access (SMA) appliances has been under active ...
Interlock ransomware gang pushes fake IT tools in ClickFix attacks
The Interlock ransomware gang now uses ClickFix attacks that impersonate IT tools to breach corporate networks and deploy ...
Chinese hackers target Russian govt with upgraded RAT malware
Chinese-speaking IronHusky hackers are targeting Russian and Mongolian government organizations using upgraded MysterySnail ...
ASUS warns of critical auth bypass flaw in routers using AiCloud
ASUS is warning about an authentication bypass vulnerability in routers with AiCloud enabled that could allow remote ...
Cisco Webex bug lets hackers gain code execution via meeting links
Cisco has released security updates for a high-severity Webex vulnerability that allows unauthenticated attackers to gain ...
7 Steps to Take After a Credential-Based cyberattack
Hackers don't break in—they log in. Credential-based attacks now fuel nearly half of all breaches. Learn how to scan your ...
CISA warns of increased breach risks following Oracle Cloud leak
CISA warned of heightened breach risks after the compromise of legacy Oracle Cloud servers earlier this year and highlighted ...
Windows NTLM hash leak flaw exploited in phishing attacks on governments
A Windows vulnerability that exposes NTLM hashes using .library-ms files is now actively exploited by hackers in phishing ...
Ahold Delhaize confirms data theft after INC ransomware claims attack
Food retail giant Ahold Delhaize confirms that data was stolen from its U.S. business systems during a November 2024 ...
Critical Erlang/OTP SSH pre-auth RCE is 'Surprisingly Easy' to exploit, patch now
A critical vulnerability in the Erlang/OTP SSH, tracked as CVE-2025-32433, has been disclosed that allows for unauthenticated ...
CISA extends funding to ensure 'no lapse in critical CVE services'
CISA says the U.S. government has extended MITRE's funding to ensure no continuity issues with the critical Common ...