New Malware Variant RESURGE Exploits Ivanti Vulnerability
CISA recommends immediate action to address malware variant RESURGE exploiting Ivanti vulnerability CVE-2025-0282
Information Security Magazine
ClickFake Interview Campaign by Lazarus Targets Crypto Job Seekers
4 hours 24 minutes ago
New “ClickFake Interview” campaign attributed to the Lazarus Group targets crypto professionals with fake job offers
EU Commission to Invest €1.3bn in Cybersecurity and AI
9 hours 9 minutes ago
The funding will go to several projects within the Digital Europe Programme (DIGITAL) work program for 2025 to 2027
NCSC Urges Users to Patch Next.js Flaw Immediately
10 hours 9 minutes ago
The UK’s National Cyber Security Agency has called on Next.js users to patch CVE-2025-29927
US Seizes $8.2m from Romance Baiting Scammers
10 hours 54 minutes ago
The DoJ has managed to recoup over $8m from scammers, stolen in romance baiting schemes
Solar Power System Vulnerabilities Could Result in Blackouts
3 days 3 hours ago
Forescout researchers found multiple vulnerabilities in leading solar power system manufacturers, which could be exploited to cause emergencies and blackouts
Nine in Ten Healthcare Organizations Use the Most Vulnerable IoT Devices
3 days 4 hours ago
Claroty revealed that 89% of healthcare organizations use the top 1% of riskiest Internet-of-Medical-Things (IoMT) devices
Trump CISA Cuts Threaten US Election Integrity, Experts Warn
3 days 7 hours ago
Expert speakers discussed the impact of reported cutbacks to CISA on the ability of local officials to protect against surging cyber-attacks on US election infrastructure
Morphing Meerkat PhaaS Platform Spoofs 100+ Brands
3 days 8 hours ago
A PhaaS platform, dubbed 'Morphing Meerkat,' uses DNS MX records to spoof over 100 brands and steal credentials, according to Infoblox Threat Intel
CoffeeLoader Malware Loader Linked to SmokeLoader Operations
4 days 2 hours ago
Newly identified CoffeeLoader uses multiple evasion techniques and persistence mechanisms to deploy payloads and bypass endpoint security
PJobRAT Malware Targets Users in Taiwan via Fake Apps
4 days 3 hours ago
PJobRAT malware targets Taiwan Android users, stealing data through fake messaging platforms
No MFA? Expect Hefty Fines, UK’s ICO Warns
4 days 6 hours ago
The ICO’s Deputy Commissioner told Infosecurity that organizations that fail to implement MFA and suffer a breach can expect heavy penalties
Chinese Spy Group FamousSparrow Back with a Vengeance, Targets US
4 days 7 hours ago
Once considered inactive, the Chinese cyber espionage group FamousSparrow has reemerged, targeting organizations across the US, Mexico and Honduras
NCA Warns of Sadistic Online “Com” Networks
4 days 8 hours ago
The UK’s National Crime Agency is warning of a growing cyber and physical threat from homegrown teens
NCSC Urges Domain Registrars to Improve Security
4 days 9 hours ago
The UK’s National Cyber Security Centre has released new guidance to help domain registrars enhance security
SecurityScorecard Observes Surge in Third-Party Breaches
5 days 2 hours ago
In its 2025 Global Third-Party Breach Report, SecurityScorecard has found that 35.5% of all cyber breaches in 2024 were third-party related, up from 29% in 2023
Threat Actors Abuse Trust in Cloud Collaboration Platforms
5 days 5 hours ago
Threat actors are exploiting cloud platforms like Adobe and Dropbox to evade email gateways and steal credentials
Malicious npm Packages Deliver Sophisticated Reverse Shells
5 days 5 hours ago
A newly discovered malware campaign uses malicious npm packages to deploy reverse shells, compromising development environments
ETSI Publishes New Quantum-Safe Encryption Standards
5 days 7 hours ago
Standards body ETSI has defined a scheme for key encapsulation mechanisms with access control (KEMAC), enabling quantum-secure encryption
ENISA Probes Space Threat Landscape in New Report
5 days 8 hours ago
EU security agency ENISA has released a new report outlining the threats and potential mitigations for the space sector
Checked
24 minutes 6 seconds ago