This month, the NHS Dumfries & Galloway, a division of the National Health Service of Great Britain servicing the Dumfries and Galloway region in Scotland, encountered a severe cyberattack for which the ransomware group...
In a recent report by Google’s cyber experts, it was revealed that the exploitation of zero-day vulnerabilities surged by 50% in 2023, reaching a total of 97 incidents, up from 62 in the previous...
CyberArk specialists report that malefactors are mastering new methodologies to access users’ data without the necessity for passwords or multifactor authentication requests. A prevalent technique involves intercepting web sessions through the theft of cookie...
The Cybersecurity and Infrastructure Security Agency (CISA) has expressed concern over the active exploitation of a vulnerability within the Microsoft SharePoint system, which allows malefactors to launch attacks via remote code execution (RCE). The...
Netcraft has unveiled the emergence of a new phishing service named Darcula, which manipulates over 20,000 domains to mimic popular brands, aiming to pilfer Android and iPhone users’ credentials across more than 100 countries....
Specialists at ReversingLabs have uncovered a suspicious package within the NuGet package manager, ostensibly targeting developers who utilize tools from the Chinese company Bozhon Precision Industry Technology, which specializes in the production of industrial...
Apple users have encountered a cunning phishing scheme that exploits a vulnerability in the password reset function. Victims find their devices bombarded with such an overwhelming number of system notifications that the smartphone becomes...
Black Lotus Labs has identified a new variant of the TheMoon malware, targeting SOHO offices and IoT devices across 88 countries, which has already infected nearly 7,000 ASUS routers. TheMoon is associated with the...
Twenty-eight free VPN applications on Google Play were found to employ a malicious SDK, transforming Android devices into residential proxies, likely utilized for cybercrimes and bot operations. The team at HUMAN discovered that these...
Following previous indications that cloud streaming games included in the Xbox Game Pass subscription service would receive updates to support keyboard and mouse inputs, Microsoft has finally commenced testing this feature within the Alpha...
On March 25th, the United Kingdom and the United States formally accused China of cyberattacks on democratic institutions, linking Chinese intelligence services to incidents at the Electoral Commission in 2021 and attempting to hack...
Cybercriminals are increasingly leveraging the new phishing platform Tycoon 2FA to compromise Microsoft 365 and Gmail accounts, circumventing two-factor authentication. This trend was identified by experts at Sekoia. Tycoon 2FA was discovered in October...
The popular service Top.gg, aiding users in finding servers and bots for Discord, suffered from a supply chain attack. Malefactors injected malicious code into Python packages used by bot developers, evidently aiming to steal...
According to a report by The Verge, Pavan Davuluri, the current head of Surface operations, is set to take charge of the Windows+Web Experience division, overseeing products including Windows, Copilot, Bing, and Microsoft Edge,...
Google and Qualcomm have announced the introduction of a Chrome browser optimized for Arm architecture Windows PCs equipped with Snapdragon processors, promising an enhanced browsing experience. This refinement is set to elevate the user...
The cybersecurity firm Proofpoint has uncovered a new phishing campaign orchestrated by the Iranian faction MuddyWater. This operation disseminates legitimate remote monitoring and management software, Atera, among Israeli organizations within the global manufacturing, technology,...
