Critical infrastructure providers are under threat of more frequent and sophisticated attacks as state-linked threat groups are increasingly collaborating with…
Windows Active Directory (AD) service accounts are prime cyber-attack targets due to their elevated privileges and automated/continuous access to important…
In a significant breakthrough, cybersecurity firm Silent Push has uncovered sensitive infrastructure tied to the Lazarus Group, a North Korean…
A cross-site scripting (XSS) vulnerability in a virtual tour framework has been weaponized by malicious actors to inject malicious scripts…
The use of internet of things (IoT) technology, combined with a software as a service (SaaS) platform, will help water…
Dive Brief: Global cybersecurity spending is projected to surge in coming years as artificial intelligence tools like chatbots and agents…
Forensic investigators have found that North Korean Lazarus hackers stole $1.5 billion from Bybit after hacking a developer’s device at…
A series of critical security vulnerabilities in the widely-used Rsync file synchronization tool have been uncovered, exposing millions of servers…
DalFox is an open-source tool for automating the detection of XSS vulnerabilities. With powerful testing capabilities and a wide range…
Feb 26, 2025Ravie LakshmananMalware / Cryptocurrency Cybersecurity researchers have flagged a malicious Python library on the Python Package Index (PyPI)…
When VMware launched vSAN Max in late 2023, it promised storage for VSphere with many of the benefits of hyper-converged…
A malicious PyPi package named ‘automslc’ has been downloaded over 100,000 times from the Python Package Index since 2019, abusing…