Kudelski Security Research recently published an article detailing advanced methods for tracking and analyzing threat actor infrastructure, providing valuable insights…
A malicious Python Package Index (PyPI) package named “set-utils” has been stealing Ethereum private keys through intercepted wallet creation functions…
A critical security oversight in widely used Apache Airflow instances has exposed credentials for platforms like AWS, Slack, PayPal, and…
Business owners and CEOs across the United States received customized ransomware threats this month from the most unusual of places—letters…
Dive Brief: Broadcom on Tuesday disclosed three zero-day vulnerabilities that affect multiple VMware products, including ESXi, Workstation and Fusion. The…
Over 37,000 internet-exposed VMware ESXi instances are vulnerable to CVE-2025-22224, a critical out-of-bounds write flaw that is actively exploited in…
A newly disclosed critical vulnerability in Sitecore Experience Platform (CVE-2025-27218) allows unauthenticated attackers to execute arbitrary code on unpatched systems. …
Socket exposes a typosquatting campaign delivering malware to Linux and macOS systems via malicious Go packages. Discover the tactics used,…
CISO Amplitude | USA | Hybrid – View job details As a CISO, you will develop, implement, and maintain a…
European cloud providers are being urged to adopt a newly created open source infrastructure management application programming interface (API) designed…
Starting mid-March 2025, Microsoft will start prompting users of its Microsoft 365 apps for Windows to back up their files…
With recent attack disclosures like Browser Syncjacking and extension infostealers, browser extensions have become a primary security concern at many…