A China-linked threat actor exploited a Trimble Cityworks zero-day vulnerability in attacks against local government entities in the US, Cisco Talos reports. Tracked as CVE-2025-0994…
The notorious DanaBot botnet has been severely disrupted as part of an international law enforcement operation, which also involved charges and arrest warrants targeting over…
A China-linked cyberespionage group has been exploiting two recent Ivanti Endpoint Manager Mobile (EPMM) vulnerabilities in attacks targeting critical sectors in Europe, North America, and…
Akamai’s security team kicked off a new spat in the vulnerability disclosure world by publishing full exploitation details for “BadSuccessor,” an unpatched privilege-escalation flaw in…
A critical step in maturing any cybersecurity program is the ability to measure and report on its performance. Yet measuring cybersecurity remains notoriously difficult, often…
Marlboro-Chesterfield Pathology (MCP), a full service anatomic pathology lab in North Carolina, was recently targeted in a ransomware attack that resulted in many personal information…
UK retailer Marks & Spencer (MKS.L) has shared another update on the impact of the recent cyberattack, and the company estimates that the incident will…
According to the AV-TEST Institute, more than 450,000 new malicious applications are found every day, illustrating the rapid rate of malware spread. Despite substantial investments…
Cisco on Wednesday published 10 security advisories detailing over a dozen vulnerabilities across its products, including two high-severity flaws in its Identity Services Engine (ISE)…
GitLab and Atlassian this week announced the release of patches for over a dozen vulnerabilities across their product portfolios, including multiple high-severity bugs. On Tuesday,…
The US government’s cybersecurity agency CISA is sounding the alarm over what it calls an “elevated threat” from Russia’s military-intelligence hackers, warning that Unit 26165…
Microsoft and global law enforcement agencies on Wednesday announced the takedown of “Lumma Stealer” malware operation, seizing 2,300 domains that formed the infostealer’s command-and-control backbone…
