MITRE shares 2024’s top 25 most dangerous software weaknesses
MITRE has shared this year's top 25 list of the most common and dangerous software weaknesses behind more than 31,000…
China’s ‘Liminal Panda’ APT Attacks Telcos, Steals Phone Data
In US Senate testimony, a CrowdStrike exec explained how this advanced persistent threat penetrated telcos in Asia and Africa, gathering…
African Reliance on Foreign Suppliers Boosts Insecurity Concerns
Recent backdoor implants and cyber-espionage attacks on their supply chains have African organizations looking to diversify beyond Chinese, American tech…
Chinese hackers exploit Fortinet VPN zero-day to steal credentials
Chinese threat actors use a custom post-exploitation toolkit named 'DeepData' to exploit a zero-day vulnerability in Fortinet's FortiClient Windows VPN client…
Critical RCE bug in VMware vCenter Server now exploited in attacks
Broadcom warned today that attackers are now exploiting two VMware vCenter Server vulnerabilities, one of which is a critical remote…
T-Mobile confirms it was hacked in recent wave of telecom breaches
T-Mobile confirms it was hacked in the wave of recently reported telecom breaches conducted by Chinese threat actors to gain…
Trump 2.0 May Mean Fewer Cybersecurity Regs, Shift in Threats
Given increased tensions with China over tariffs, companies could see a shift in attacks, but also fewer regulations and a…
An Interview With the Target & Home Depot Hacker
In December 2023, KrebsOnSecurity revealed the real-life identity of Rescator, the nickname used by a Russian cybercriminal who sold more…
Fraud network uses 4,700 fake shopping sites to steal credit cards
A financially motivated Chinese threat actor dubbed "SilkSpecter" is using thousands of fake online stores to steal the payment card…
US govt officials’ communications compromised in recent telecom hack
CISA and the FBI confirmed that Chinese hackers compromised the "private communications" of a "limited number" of government officials after…