Feds Warn of North Korean Cyberattacks on US Critical Infrastructure
The Andariel group is targeting critical defense, aerospace, nuclear, and engineering companies for data theft, the FBI, NSA, and others…
BreachForums v1 database leak is an OPSEC test for hackers
The entire database for the notorious BreachForums v1 hacking forum was released on Telegram Tuesday night, exposing a treasure trove…
CISA warns critical Geoserver GeoTools RCE flaw is exploited in attacks
CISA is warning that a critical GeoServer GeoTools remote code execution flaw tracked as CVE-2024-36401 is being actively exploited in…
Void Banshee APT Exploits Microsoft Zero-Day in Spear-Phishing Attacks
The threat group used CVE-2024-38112 and a "zombie" version of IE to spread Atlantida Stealer through purported PDF versions of…
Hackers use PoC exploits in attacks 22 minutes after release
Threat actors are quick to weaponize available proof-of-concept (PoC) exploits in actual attacks, sometimes as quickly as 22 minutes after…
Google increases bug bounty rewards five times, up to $151K
Google has announced a fivefold increase in payouts for bugs found in its systems and applications reported through its Vulnerability…
CRYSTALRAY hacker expands to 1,500 breached systems using SSH-Snake tool
A new threat actor known as CRYSTALRAY has significantly broadened its targeting scope with new tactics and exploits, now counting…
‘Crystalray’ Attacks Jump 10X, Using Only OSS to Steal Credentials
Remember when hackers used to write their own malware? Kids these days don't want to work, they just want freely…
The Stark Truth Behind the Resurgence of Russia’s Fin7
The Russia-based cybercrime group dubbed "Fin7," known for phishing and malware attacks that have cost victim organizations an estimated $3…
Microsoft Patch Tuesday, July 2024 Edition
Microsoft Corp. today issued software updates to plug 139 security holes in various flavors of Windows and other Microsoft products.…