The attack surface targeted by Iranian-linked hackers in cyberattacks against U.S. critical infrastructure networks includes ...

Analysis of 1 billion CISA KEV remediation records reveal a breaking point for human-scale security. Qualys shows most ...

Hackers gained access to an API for the CPUID project and changed the download links on the official website to serve ...

Google says Gmail end-to-end encryption (E2EE) is now available on all Android and iOS devices, allowing enterprise users to ...

A financially motivated threat actor tracked as Storm-2755 is stealing Canadian employees' salary payments after hijacking their accounts in payroll pirate attacks.

Dutch healthcare software vendor ChipSoft has been impacted by a ransomware attack that forced the company to take offline ...

Threat actors using a previously undocumented phishing-as-a-service (PhaaS) platform called "VENOM" are targeting credentials ...

A new Lua-based malware, called LucidRook, is being used in spear-phishing campaigns targeting non-governmental organizations ...

Stolen credentials turn authentication systems into the attack surface. Token shows how wearable biometric authentication ...

Google has rolled out Device Bound Session Credentials (DBSC) protection in Chrome 146 for Windows, designed to block ...

Hackers hijacked the update system for the Smart Slider 3 Pro plugin for WordPress and Joomla, and pushed a malicious version ...

Threat actors often signal their intentions before launching attacks, from dark web chatter to access-broker listings and ...