BlackSuit ransomware payment recovered in takedown operation
Over a million dollars’ worth of cryptocurrency assets laundered by or on behalf of the notorious BlackSuit ransomware gang – previously known as Royal –…
Latest Cybersecurity News — Page 1591
View all →
US agencies, international allies issue guidance on OT asset inventorying
Listen to the article 3 min This audio is auto-generated. Please let us know if you have feedback. Government agencies from the U.S., Australia, Canada,…
New Multi-Stage Tycoon2FA Phishing Attack Now Beats Top Security Systems
If you think phishing is just clicking a bad link and landing on a fake login page, Tycoon2FA will prove you wrong. This new wave…
Windows Remote Desktop Services Flaw Allows Network-Based Denial-of-Service Attacks
Microsoft disclosed a critical vulnerability in Windows Remote Desktop Services on August 12, 2025, that enables attackers to launch denial-of-service attacks remotely without requiring authentication…
The Looming Domino Effect of Cyberattacks on Energy and Utilities
When systems go dark and become unavailable, consumers and operators may feel frustration, panic, and anger. When there is disruption to energy and utilities that…
Hackers Deploy Dedicated Phishlet for FIDO Authentication Downgrade Attacks
Proofpoint researchers have uncovered a novel technique allowing threat actors to bypass FIDO-based authentication through downgrade attacks, leveraging a custom phishlet within adversary-in-the-middle (AiTM) frameworks.…
Croatian research institute confirms ransomware attack via ToolShell vulnerabilities
The Ruđer Bošković Institute (RBI), the largest Croatian science and technology research institute, has confirmed that it was the one of “at least 9,000 institutions…
Zoom and Xerox Release Critical Security Updates Fixing Privilege Escalation and RCE Flaws
Aug 13, 2025Ravie LakshmananVulnerability / Software Security Zoom and Xerox have addressed critical security flaws in Zoom Clients for Windows and FreeFlow Core that could…
Santander will make AI training mandatory for all staff in 2026
Banco Santander will introduce a mandatory artificial intelligence (AI) training programme for all its staff next year, as part of its plan to make the…
FortiOS, FortiProxy, and FortiPAM Auth Bypass Vulnerability Allows Attackers to Gain Full Control
A high-severity authentication bypass vulnerability affecting multiple Fortinet security products, including FortiOS, FortiProxy, and FortiPAM systems. The flaw, designated as CVE-2024-26009 with a CVSS score…
ShinyHunters May Have Teamed Up With Scattered Spider in Salesforce Attack Campaigns
The financially motivated threat group ShinyHunters has returned with a sophisticated series of attacks targeting Salesforce instances across high-profile enterprises in industries like retail, aviation,…
New Brute-Force Campaign Hits Fortinet SSL VPN in Coordinated Attack
A surge in brute-force attacks on Fortinet products could signal a new vulnerability. A timeline shows a strong link between attack spikes and security flaws.…