Stay updated with the latest developments in Cybersecurity!
News, updates tips and tutorials that help you maximize your security.
For a list of cybersecurity guides and how-tos, click here or scroll farther below.
 Check back for updates.
768 CVEs Exploited in 2024, Reflecting a 20% Increase from 639 in 2023
In 2024, cybercriminals upped their game by exploiting 768 CVEs—a 20% increase from 2023—demonstrating their unwavering commitment to job security.
PyPI Introduces Archival Status to Alert Users About Unmaintained Python Packages
PyPI's new 'archival status' feature is like slapping a 'Do Not Resuscitate' order on those Python packages that haven't seen daylight since the Jurassic era.
⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [27 February
In this week's cybersecurity soap opera, AI chatbots are spilling secrets, law enforcement is crashing cybercrime parties, and Apple is patching holes faster than a ship in a storm.
Coyote Malware Expands Reach: Now Targets 1,030 Sites and 73 Financial Institutions
Coyote malware is broadening its horizons, now targeting over 1,000 sites and 73 financial institutions, making it the overachiever of the cybercrime world.
What Is Attack Surface Management?
Attack Surface Management: the cybersecurity equivalent of cleaning out your digital junk drawer before the hackers turn your clutter into their treasure.
Crazy Evil Gang Targets Crypto with StealC, AMOS, and Angel Drainer Malware
The 'Crazy Evil' gang is on a crypto crime spree, using malware like StealC, AMOS, and Angel Drainer to pilfer digital assets, showing that even in cybercrime, diversification is key.
Security enthusiasts and professionals are turning their focus towards a new angle on phishing attacks in the identity and access management space.During the "Offensive Entra ID (Azure AD)...
In a recent technical investigation, researchers uncovered critical insights into the infrastructure linked to a suspected Chinese state-backed cyber actor referred to as "RedGolf."...
FortiGuard Labs has issued a high-severity alert regarding the Coyote Banking Trojan, a sophisticated malware targeting Microsoft Windows users.Over the past month, researchers...
On February 3, 2025, Arm disclosed a vulnerability in the Mali GPU Kernel Driver that allows improper GPU processing operations.This issue affects Valhall...
The integration of Internet of Things (IoT) and Internet of Medical (IoM) devices has revolutionized healthcare, enabling real-time monitoring, remote diagnostics, and data-driven decision-making....
Tech giant Microsoft has unveiled a groundbreaking feature for its Microsoft Teams platform: AI-generated avatars designed to revolutionize meeting personalization.This innovative feature allows users...
Globe Life Inc., a prominent insurance provider, has confirmed a major data breach that exposed the personal and health-related information of over 850,000 users.The...
NVIDIA has issued a critical security update to address multiple vulnerabilities in its GPU Display Driver and vGPU software, affecting both Windows and Linux...
The Python Package Index (PyPI) has introduced a new feature that allows maintainers to mark projects as archived, signaling that the project is no...
Hundreds of thousands have been impacted by data breaches at Asheville Eye Associates and Delta County Memorial Hospital District.
A threat actor has infected Casio UK’s website with a web skimmer on all pages, except the typical checkout page.
Researchers found a jailbreak method that exposed DeepSeek’s system prompt, while others have analyzed the DDoS attacks aimed at the new gen-AI.
Insurance firm Globe Life says a threat actor may have compromised the personal information of roughly 850,000 individuals.
Community Health Center, Inc. says hackers stole the personal and health information of over one million individuals.
Sophos warns that generative AI in cybersecurity might be the new 'Frankenstein's monster,' with 89% of IT leaders fearing their creation could turn against them.
AI offers solutions to enduring problems, but keeping pace with hackers will be key.
Hackers leverage Google’s phone number, subdomains to attack victims
Scammers are now impersonating Google support, using official phone numbers and subdomains to trick users into handing over their accounts.
What's New (And Worrisome) in Quantum Security?
A new generation of quantum computers could render current cryptographic technology approaches useless. Is a solution even possible?
Authorities Seize Domains of Popular Hacking Forums in Major Cybercrime Crackdown
Authorities have seized the domains of popular hacking forums like Cracked and Nulled, leaving cybercriminals scrambling for a new clubhouse.
Lightning AI Studio Vulnerability Allowed RCE via Hidden URL Parameter
Lightning AI Studio's hidden URL parameter was an open invitation for hackers to play admin, turning development environments into their personal playgrounds.
SOC Analysts - Reimagining Their Role Using AI
SOC analysts are embracing AI to handle alert overload, turning their nightmare into a sci-fi dream team-up.
DeepSeek AI Database Exposed: Over 1 Million Log Lines, Secret Keys Leaked
DeepSeek's latest 'open-source' initiative involved leaving over a million sensitive records exposed online, turning transparency into a hacker's delight.
Browser syncjacking: new research details worrying hacking technique
Hackers have found a way to turn Chrome's sync feature into their personal backdoor, making your browser's 'sync' more like 'sink.'
Unpatched PHP Voyager Flaws Leave Servers Open to One-Click RCE Exploits
Voyager's unpatched PHP flaws are like leaving the backdoor wide open, inviting hackers in for a server-side joyride.
New Aquabot Botnet Exploits CVE-2024-41710 in Mitel Phones for DDoS Attacks
Aquabot is turning Mitel phones into unwitting accomplices in DDoS attacks, exploiting CVE-2024-41710 to conscript them into its botnet army.
400 hospitals and med centers across 15 states rely on its products.
Digital canvas slinger indicates dot-com was skimmed for over a month.
US Cyber Agency’s Future Role in Elections Remains Murky Under the Trump Administration
President Donald Trump has yet to name anyone to lead the U.S. Cybersecurity and Infrastructure Security.
TeamViewer Patches High-Severity Vulnerability in Windows Applications
TeamViewer has released patches for a high-severity elevation of privilege vulnerability in its client and host applications for Windows.
Nulled, Other Cybercrime Websites Seized by Law Enforcement
Several cybercrime websites have been seized in a law enforcement operation, including Nulled, Cracked, Sellix, and StarkRDP.
Frederick Health Hit by Ransomware Attack
Maryland healthcare provider Frederick Health has taken some of its systems offline in response to a ransomware attack.
152,000 Impacted by Data Breach at Berman & Rabin
Law firm Berman & Rabin says 152,000 people are impacted by a data breach resulting from a July 2024 ransomware attack.
Unprotected DeepSeek Database Exposed Chats, Other Sensitive Information
An unprotected database belonging to Chinese AI company DeepSeek exposed highly sensitive information, including chat history, secret keys, and backend data.
Tenable to Acquire Vulcan Cyber for $150 Million
Tenable plans to acquire exposure management company Vulcan Cyber for roughly $150 million in cash and stock.
DeepSeek's latest data leak spilled user chat histories and sensitive info, turning their 'secure' servers into a hacker's buffet.
Hackers are hijacking outdated WordPress sites to distribute malware to Windows and Mac users, turning neglected blogs into malware distribution hubs.
North Korea’s new hack: stealing data via open-source code
North Korea's Lazarus Group is now sneaking malware into trusted open-source software, turning developers' tools into unwitting accomplices.
Top 5 Strategies for Cybersecurity Red Teaming
Red teaming offers a proactive approach to cybersecurity that is most effective when implemented through a strategy that includes collaboration and AI.
Security isn't just about tools — it's about understanding how the enemy thinks and why they make certain choices.
CISA provides information on cybersecurity best practices to help individuals and organizations implement preventative measures and manage cyber risks.
Learn how to protect yourself, your family and your home with these tips and resources
Organizations of all sizes need to keep their data, employees and customers safe and secure. Learn how to protect your business with these resources.
Explore our collection of resources on current and emerging forms of cybercrime and illegal online activities.
The ROI of Security Investments: How Cybersecurity Leaders Prove It
Cyber threats are intensifying, and cybersecurity has become critical to business operations.
Top Cybersecurity Threats, Tools, and Practices
We're talking password-stealing bots, sneaky extensions that spy on you, and even cloud-hacking ninjas.
Learn job-ready skills that are in-demand, like how to identify and mitigate common risks, threats, and vulnerabilities — and discover how to effectively utilize AI in cybersecurity.
|
