About a year ago, we published a post about the ClickFix technique, which was gaining popularity among attackers. The essence of attacks using ClickFix boils down to convincing the victim, under various pretexts, to run a malicious command on their computer. That is, from the cybersecurity solutions point of view, show more ...
Researchers suggest defenders monitor how these malicious groups re-form and leverage the useful threat intel to guide their next moves.
.jpg?width=1280&auto=webp&quality=80&disable=upscale)
ICS/OT experts have devised a scoring system for rating the severity and effects of cybersecurity events in operational technology environments.
The vulnerabilities highlight a big drawback to integrating AI into software development workflows and the potential impact on supply chains.
Attackers are bypassing email gateways through telephone-oriented attack delivery (TOAD), in which the only email payload is a phone number.
The PCI Security Standards Council experienced a record year in many regards, but its first annual report shows it needs to work even faster to stay ahead of attackers.
In the latest operation targeting cybercrime groups, African law enforcement agencies cooperated with Interpol and cybersecurity firms to recover more than USD 4.3 million.
Linked to North Korean fake job-recruitment campaigns, the poisoned repositories are aimed at establishing persistent access to infected machines.
A Moscow resident has been accused of trying to extort money from the notorious Conti ransomware group by posing as an officer of Russia’s Federal Security Service, according to local media reports.
A breach of TriZetto software first described by counties in Oregon affected millions of Americans overall, according to public data released this week by the company.
In responding to pushback about Discord's impending age verification policy, co-founder Stanislav Vishnevskiy said the platform "failed at our most basic job: clearly explaining what we're doing and why. That's on us.”
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive warning of a “cyber threat actor’s ongoing exploitation of Cisco SD-WAN systems,” describing the activity as presenting a significant risk to federal civilian executive branch networks.
In addition to the $17.25 million payout, which will be split between more than 10 million potential class members, the settlement requires PowerSchool to establish a “web governance” committee to monitor certain actions.
In a filing with U.S. regulators, Massachusetts-based medical device manufacturer UFP Technologies said intruders possibly stole or destroyed company data during an incident earlier in February.
The Federal Trade Commission (FTC) on Wednesday issued a policy statement advising industry that it will not bring enforcement actions against website and online service providers who collect, use and share personal data using age verification technologies.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a recently disclosed vulnerability in FileZen to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2026-25108 (CVSS v4 score: 8.7), is a case of operating system (OS) command injection that could allow an authenticated user to execute
A 39-year-old Australian national who was previously employed at U.S. defense contractor L3Harris has been sentenced to a little over seven years in prison for selling eight zero-day exploits to Russian exploit broker Operation Zero in exchange for millions of dollars. Peter Williams pleaded guilty to two counts of theft of trade secrets in October 2025. In addition to the jail term, Williams
SolarWinds has released updates to address four critical security flaws in its Serv-U file transfer software that, if successfully exploited, could result in remote code execution. The vulnerabilities, all rated 9.1 on the CVSS scoring system, are listed below - CVE-2025-40538 - A broken access control vulnerability that allows an attacker to create a system admin user and execute arbitrary
Cybersecurity researchers have discovered four malicious NuGet packages that are designed to target ASP.NET web application developers to steal sensitive data. The campaign, discovered by Socket, exfiltrates ASP.NET Identity data, including user accounts, role assignments, and permission mappings, as well as manipulates authorization rules to create persistent backdoors in victim applications.
Why automating sensitive data transfers is now a mission-critical priority More than half of national security organizations still rely on manual processes to transfer sensitive data, according to The CYBER360: Defending the Digital Battlespace report. This should alarm every defense and government leader because manual handling of sensitive data is not just inefficient, it is a systemic
Google on Wednesday disclosed that it worked with industry partners to disrupt the infrastructure of a suspected China-nexus cyber espionage group tracked as UNC2814 that breached at least 53 organizations across 42 countries. "This prolific, elusive actor has a long history of targeting international governments and global telecommunications organizations across Africa, Asia, and the Americas,"
Cybersecurity researchers have disclosed multiple security vulnerabilities in Anthropic's Claude Code, an artificial intelligence (AI)-powered coding assistant, that could result in remote code execution and theft of API credentials. "The vulnerabilities exploit various configuration mechanisms, including Hooks, Model Context Protocol (MCP) servers, and environment variables – executing
The notorious cybercrime collective known as Scattered LAPSUS$ Hunters (SLH) has been observed offering financial incentives to recruit women to pull off social engineering attacks. The idea is to hire them for voice phishing campaigns targeting IT help desks, Dataminr said in a new threat brief. The group is said to be offering anywhere between $500 and $1,000 upfront per call, in addition to
Triage is supposed to make things simpler. In a lot of teams, it does the opposite. When you can’t reach a confident verdict early, alerts turn into repeat checks, back-and-forth, and “just escalate it” calls. That cost doesn’t stay inside the SOC; it shows up as missed SLAs, higher cost per case, and more room for real threats to slip through. So where does triage go wrong? Here are five triage
Amid a privacy backlash, a US $10,000 reward has been offered for anyone who can find a way to run Ring doorbell cameras locally, cutting off the flow of video data to Amazon's servers. Read more in my article on the Hot for Security blog.
