There are currently no mitigations for the severe Linux kernel bug, QNAP warned on Monday. The “Dirty Pipe” Linux kernel flaw – a high-severity vulnerability in all major distros that grants root ...

Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group. After a recent dip, ransomware attacks are back on the rise. According to data released by ...

Environmentalists and policymakers warn water treatment plants are ripe for attack. Industrial controls governing water-related U.S. critical infrastructure are woefully under-estimated as cyberattack ...

Recent LofyLife campaign steals tokens and infects client files to monitor various user actions, such as log-ins, password changes and payment methods. Threat actors once again are using the node ...

The mobile malware heisted hundreds of millions of dollars from unsuspecting users, thanks to 470 different well-crafted malicious app in Google Play. Nearly 500 malicious apps lurking on the Google ...

Can we trust web browsers to protect us, even if they say “https?” Not with the novel BitB attack, which fakes popup SSO windows to phish away credentials for Google, Facebook and Microsoft, et al.

WeTransfer is being used by hackers to circumvent email gateways looking to zap malicious links. Hackers are abusing the popular file-sharing service called WeTransfer to circumvent defensive email ...

Researchers uncovers “ultimate man-in-the-middle attack” that used an elaborate spoofing campaign to fool a Chinese VC firm and rip off an emerging business. Hackers pulled off an elaborate man-in-the ...

Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system. Targeted attacks on Twilio and Cloudflare employees are tied to a massive phishing campaign ...

The tricky trojan evolves yet again, remaining one of the most advanced vehicles for delivering malware. The TrickBot trojan has evolved again to bolster its ability to elude detection, this time ...

The move comes just a week after GPU-maker NVIDIA was hit by Lapsus$ and every employee credential was leaked. Just days after leaking data it claims to have exfiltrated from chipmaker NVIDIA, ...

The large January 2022 Patch Tuesday update covers nine critical CVEs, including a self-propagator with a 9.8 CVSS score. Microsoft has addressed a total of 97 security vulnerabilities in its January ...