An authentication bypass vulnerability in the SolarWinds Orion software may have been leveraged by adversaries as a zero-day to deploy the SUPERNOVA malware in target environments....
Cyber attackers are increasingly using VBA code to prepare malicious documents. Recently, threat actors have been observed using a VBA Purging technique, which involves the use of VBA...
TeamTNT, the cybercriminal group primarily known for its cryptomining operations, has upgraded its arsenal with new tools with sharpened capabilities. In a recent attack, the group has...
Gitpaste-12, the worm that propagates via GitHub and uses GitHub and Pastebin to host malicious payload, is active again with new exploits. Earlier, the worm was found exploiting...
A second supply-chain attack dubbed Operation SignSight has been discovered on the website of the Vietnam Government Certification Authority. The attackers made changes to software installers available for...
21 people have been arrested across the UK as part of a nationwide cyber crackdown targeting customers of WeLeakInfo[.]com, a now-defunct online service that had been...
New evidence amidst the ongoing probe into the espionage campaign targeting SolarWinds has uncovered an unsuccessful attempt to compromise cybersecurity firm Crowdstrike and access the company’s...
Citrix has issued an emergency advisory warning its customers of a security issue affecting its NetScaler application delivery controller (ADC) devices that attackers are abusing to...
Google’s Project Zero team has made public details of an improperly patched zero-day security vulnerability in Windows print spooler API that could be leveraged by a...
Threat actors such as the notorious Lazarus group are continuing to tap into the ongoing COVID-19 vaccine research to steal sensitive information to speed up their...