Serbian police used Cellebrite zero-day hack to unlock Android phones
Serbian authorities have reportedly used an Android zero-day exploit chain developed by Cellebrite to unlock the device of a student activist…
EncryptHub breaches 618 orgs to deploy infostealers, ransomware
A threat actor tracked as 'EncryptHub,' aka Larva-208, has been targeting organizations worldwide with spear-phishing and social engineering attacks to gain access…
New Auto-Color Linux backdoor targets North American govts, universities
A previously undocumented Linux backdoor dubbed 'Auto-Color' was observed in attacks between November and December 2024, targeting universities and government…
Exploits for unpatched Parallels Desktop flaw give root on Macs
Two different exploits for an unpatched Parallels Desktop privilege elevation vulnerability have been publicly disclosed, allowing users to gain root…
Abandoned AWS Cloud Storage: A Major Cyberattack Vector
New research highlights how bad actors could abuse deleted AWS S3 buckets to create all sorts of mayhem, including a…
Managing Software Risk in a World of Exploding Vulnerabilities
Organizations and development teams need to evolve from "being prepared" to "managing the risk" of security breaches.
1-Click Phishing Campaign Targets High-Profile X Accounts
In an attack vector that's been used before, threat actors aim to commit crypto fraud by hijacking highly followed users,…
Backdoor found in two healthcare patient monitors, linked to IP in China
The US Cybersecurity and Infrastructure Security Agency (CISA) is warning that Contec CMS8000 devices, a widely used healthcare patient monitoring…
The Advantages of Cloud-Based Remote Desktop versus RDP over VPN
Remote work is now an essential part of many businesses, requiring organizations to rethink how they provide secure and efficient…
Hackers get $886,250 for 49 zero-days at Pwn2Own Automotive 2025
The Pwn2Own Automotive 2025 hacking contest has ended with security researchers collecting $886,250 after exploiting 49 zero-days. [...]