The Knownsec 404 Advanced Threat Intelligence Team has lately discovered increased activity from the Silver Fox cybercrime gang, which has been using fake versions of…
Singapore’s recent disclosure of an ongoing cyberattack by the advanced persistent threat (APT) group UNC3886 on critical infrastructure highlights a deliberate strategy favoring technical attribution…
Security researchers have discovered critical BIOS vulnerabilities affecting Lenovo’s IdeaCentre and Yoga All-in-One desktop computers that could allow privileged attackers to execute arbitrary code and…
The Russian state-sponsored threat actor APT28, also known as Fancy Bear or Forest Blizzard, has deployed LameHug, the first publicly documented malware leveraging large language…
Spanish authorities have successfully apprehended a sophisticated cybercriminal who allegedly stole sensitive data from major financial institutions, educational organizations, and private companies across the country.…
Cybersecurity researchers successfully exploited critical zero-day vulnerabilities in two discontinued network security devices during DistrictCon’s inaugural Junkyard competition in February, earning runner-up recognition for Most…
A SentinelLABS investigation has revealed that businesses linked to the Chinese advanced persistent threat (APT) group Hafnium, also known as Silk Typhoon, have submitted more…
A critical security vulnerability has been discovered in SUSE Manager that enables attackers to execute arbitrary commands with root privileges without any authentication. The flaw,…
A newly analyzed Malware-as-a-Service (MaaS) infostealer, NOVABLIGHT, has emerged as a significant cybersecurity threat, targeting unsuspecting users with advanced data theft capabilities. Developed and sold…
A Raspberry Pi device that was directly attached to an internal network switch was used by the financially motivated threat actor group UNC2891 to breach…
Sonatype’s automated malware detection systems have exposed a large-scale and ongoing cyber infiltration campaign orchestrated by the North Korea-backed Lazarus Group, also known as Hidden…
Security researchers have disclosed a critical zero-day vulnerability in CrushFTP, a popular file transfer server solution, that allows attackers to execute arbitrary commands on affected…
