web
-
RomCom Exploits Zero-Day Firefox and Windows Flaws in Sophisticated Cyberattacks
The Russia-aligned threat actor known as RomCom has been linked to the zero-day exploitation of two security flaws, one in…
Read More » -
NodeStealer Malware Targets Facebook Ad Accounts, Harvesting Credit Card Data
Threat hunters are warning about an updated version of the Python-based NodeStealer that’s now equipped to extract more information from…
Read More » -
Apple Releases Urgent Updates to Patch Actively Exploited Zero-Day Vulnerabilities
Apple has released security updates for iOS, iPadOS, macOS, visionOS, and its Safari web browser to address two zero-day flaws…
Read More » -
PAN-OS Firewall Vulnerability Under Active Exploitation – IoCs Released
Palo Alto Networks has released new indicators of compromise (IoCs) a day after the network security vendor confirmed that a…
Read More » -
Comprehensive Guide to Building a Strong Browser Security Program
The rise of SaaS and cloud-based work environments has fundamentally altered the cyber risk landscape. With more than 90% of…
Read More » -
AndroxGh0st Malware Integrates Mozi Botnet to Target IoT and Cloud Services
The threat actors behind the AndroxGh0st malware are now exploiting a broader set of security flaws impacting various internet-facing applications,…
Read More » -
IcePeony and Transparent Tribe Target Indian Entities with Cloud-Based Tools
High-profile entities in India have become the target of malicious campaigns orchestrated by the Pakistan-based Transparent Tribe threat actor and…
Read More » -
SteelFox and Rhadamanthys Malware Use Copyright Scams, Driver Exploits to Target Victims
An ongoing phishing campaign is employing copyright infringement-related themes to trick victims into downloading a newer version of the Rhadamanthys…
Read More » -
Cisco Releases Patch for Critical URWB Vulnerability in Industrial Wireless Systems
Cisco has released security updates to address a maximum severity security flaw impacting Ultra-Reliable Wireless Backhaul (URWB) Access Points that…
Read More » -
Malicious PyPI Package ‘Fabrice’ Found Stealing AWS Keys from Thousands of Developers
Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) that has racked up thousands of downloads…
Read More »