The LockBit ransomware gang has again started using encryptors based on other operations, this time switching to one based on the leaked source code for the...
New stealthy malware designed to hunt down vulnerable Redis servers online has infected over a thousand of them since September 2021 to build a botnet that...
The LockBit ransomware gang has claimed responsibility for the cyberattack on ION Group, a UK-based software company whose products are used by financial institutions, banks, and...
XSS Hunter now has a home at Truffle Security, which has launched a new version of the tool after its original creator declared that he will be...
A security researcher dropped a zero-day remote code execution (RCE) chain of vulnerabilities affecting Lexmark printers after claiming the disclosure reward he was offered was “laughable”....
A bypass of Facebook’s SMS-based two-factor authentication (2FA) made it into Meta’s most impressive bug bounty finds of 2022. However, it seems Facebook’s parent company initially didn’t...
Insider threats are a top concern at organizations of all kinds; only 3% of respondents surveyed are not concerned with insider risk, according to Gurucul. With...
SynSaber recently released its second Industrial Control Systems (ICS) Vulnerabilities & CVEs Report. In this Help Net Security video, Ronnie Fabela, CTO at SynSaber, talks about the key...
Critical vulnerabilities discovered in OpenEMR can be chained to gain code execution on a server running a vulnerable version of the popular open-source electronic health record...
ESET researchers have discovered yet another wiper malware used to target Ukrainian organizations. Dubbed SwiftSlicer, it is thought to be wielded by the Sandworm APT. Simultaneously, the...