A global geolocation surveillance tool named Webloc has been used by law enforcement agencies in Hungary, El Salvador, and the U.S. to track devices through advertising...
Russia-linked APT28 is carrying out cyber espionage by altering DNS configurations in vulnerable small office/home office routers, bypassing traditional malware detection.
Google warns that the UNC6783 threat actor is compromising business process outsourcing providers to access corporate Zendesk support tickets, potentially exposing sensitive information from multiple industries.
A widespread campaign has been discovered in which nearly 100 Magento-based online stores were compromised by hackers who concealed credit card-stealing code inside tiny SVG images.
Microsoft has suspended developer accounts maintaining key open-source projects without prior notice, hindering the publication of updates and security patches for Windows users.
Authorities and private partners have dismantled FrostArmada, an APT28 operation using DNS hijacking on MikroTik and TP-Link routers to steal Microsoft account credentials.
Recent Ponemon Institute research reveals that many enterprise applications remain unconnected to centralized identity systems, increasing security risks despite mature identity programs.
Credential security discussions often focus on breach prevention due to the high average cost of data breaches, but recurring credential incidents present ongoing challenges beyond a...
Academic researchers have discovered multiple RowHammer attacks targeting GPUs, including GPUBreach, which can escalate privileges and potentially gain full host control.
A critical remote code execution flaw in the Flowise open-source AI platform is being actively exploited, exposing over 12,000 instances, VulnCheck reports.