Attackers Adopting Novel LOTL Techniques to Evade Detection
HP Wolf has reported the use of multiple, uncommon binaries and novel uses of legitimate image files in recent malicious campaigns
Information Security Magazine
France Warns Apple Users of New Spyware Campaign
20 hours 17 minutes ago
Apple has sent at least four notifications in 2025, according to the French national cybersecurity agency
ICO Warns of Student-Led Data Breaches in UK Schools
22 hours 32 minutes ago
ICO warned that growing hacks by children into school computer systems is setting them up for “a life of cybercrime”
CISA Launches Roadmap for the CVE Program
1 day 14 hours ago
The US cybersecurity agency called for the CVE program to remain publicly maintained and vendor-neutral while emphasizing the need for broader engagement
Fileless Malware Deploys Advanced RAT via Legitimate Tools
1 day 15 hours ago
A sophisticated fileless malware campaign has been observed using legitimate tools to deliver AsyncRAT executed in memory
Wyden Urges FTC Investigation Over Ascension Ransomware Hack
1 day 16 hours ago
Senator Ron Wyden of Oregon has urged the FTC to investigate Microsoft for cybersecurity lapses linked to ransomware attacks on US critical infrastructure
Chinese APT Actor Compromises Military Firm with Novel Fileless Malware Toolset
1 day 18 hours ago
Bitdefender said the sophisticated multi-stage operation allowed attackers to maintain persistent access and steal sensitive data from a Philippines military company
France: Three Regional Healthcare Agencies Targeted by Cyber-Attacks
1 day 20 hours ago
Compromised data includes personal data such as patients’ full names, ages, phone numbers and email addresses
Ukrainian Ransomware Fugitive Added to Europe’s Most Wanted
1 day 21 hours ago
US offers $11m as LockerGoga ransomware suspect becomes one of Europe’s most wanted men
LNER Reveals Supply Chain Attack Compromised Customer Information
1 day 22 hours ago
Government-run train operator LNER has revealed details of a supplier data breach
KillSec Ransomware Hits Brazilian Healthcare IT Vendor
2 days 16 hours ago
A ransomware attack by KillSec on Brazil software provider MedicSolution threatens healthcare, impacting providers and patients
Cursor Autorun Flaw Lets Repositories Execute Code Without Consent
2 days 18 hours ago
A flaw in the Cursor extension allows unauthorized code execution when opening repositories in Visual Studio
Adobe Releases Emergency Patch for Critical Flaw in Commerce and Magento
2 days 19 hours ago
The vulnerability, dubbed SessionReaper, allows customer account takeover and unauthenticated remote code execution
Ransomware Payments Plummet in Education Amid Enhanced Resiliency
2 days 20 hours ago
Sophos found that average ransom demands and payments fell substantially in the education sector in 2025, as recovery time and costs fell
Two Zero-Days Among Patch Tuesday CVEs This Month
2 days 21 hours ago
Microsoft has fixed over 80 vulnerabilities including two publicly disclosed zero-days in its latest Patch Tuesday release
Malicious npm Code Reached 10% of Cloud Environments
2 days 22 hours ago
Wiz Security warns that a recently discovered supply chain attack campaign targeting npm is far from over
Threat Actor Accidentally Exposes AI-Powered Operations
3 days 16 hours ago
A threat actor accidentally revealed their AI-powered methods by installing Huntress security software
Salty2FA Phishing Kit Unveils New Level of Sophistication
3 days 17 hours ago
Salty2FA phishing campaign showcases advanced techniques and professionalism of cybercrime operations
Open Source Community Thwarts Massive npm Supply Chain Attack
3 days 18 hours ago
What could have been a historic supply chain attack seems to have been averted due to the rapid response of the open source community
Axios User Agent Helps Automate Phishing on “Unprecedented Scale”
3 days 19 hours ago
ReliaQuest warns that phishing campaigns abusing the Axios user agent have surged 241% in three months
Checked
4 hours 2 minutes ago