Stay updated with the latest developments in Cybersecurity!
News, updates tips and tutorials that help you maximize your security.
Also on this page, click the links below:
 Cybersecurity News Websites
Cybersecurity Guides
Check back for updates.
Apache Tomcat Vulnerability Actively Exploited Just 30 Hours After Public Disclosure
A recently disclosed security flaw impacting Apache Tomcat has come under active exploitation in the wild following the release of a ...
Unpatched Edimax Camera Flaw Exploited for Mirai Botnet Attacks Since Last Year
An unpatched security flaw impacting the Edimax IC-7100 network camera is being exploited by threat actors to deliver ...
Cybercriminals Exploit CSS to Evade Spam Filters and Track Email Users' Actions
Malicious actors are exploiting Cascading Style Sheets (CSS), which are used to style and format the layout of web pages, to bypass ...
⚡ THN Weekly Recap: Router Hacks, PyPI Attacks, New Ransomware Decryptor, and More
From sophisticated nation-state campaigns to stealthy malware lurking in unexpected places, this week's cybersecurity landscape is a reminder that attackers are always ...
SANS Institute Warns of Novel Cloud-Native Ransomware Attacks
The latest Palo Alto Networks Unit 42 Cloud Threat Report found that sensitive data is found in ...
GitHub Action Compromise Puts CI/CD Secrets at Risk in Over 23,000 Repositories
Cybersecurity researchers are calling attention to an incident in which the popular GitHub Action tj-actions/changed-files was compromised to leak secrets from repositories using ...
Hackers Rapidly Adopt ClickFix Technique for Sophisticated Attacks
This method exploits human psychology by presenting users with fake prompts that appear to resolve ...
Supply Chain Attack Targets 23,000 GitHub Repositories
A critical security incident has been uncovered involving the popular GitHub Action ...
Beware! Malware Hidden in Free Word-to-PDF Converters
The FBI has issued a warning about a growing threat involving free file conversion tools, which are being used to spread ...
MassJacker Clipper Malware Targets Users Installing Pirated Software
A recent investigation has uncovered previously unknown cryptojacking malware, dubbed MassJacker, which primarily targets ...
New Steganographic Malware Hides in JPG Files to Deploy Multiple Password Stealers
A recent cybersecurity threat has emerged in the form of a steganographic campaign that uses seemingly harmless JPG files to distribute multiple types of ...
Researchers Expose New Polymorphic Attack That Clones Browser Extensions to Steal Credentials
Cybersecurity researchers have demonstrated a novel technique that allows a malicious web browser extension to impersonate any ...
Desert Dexter Targets 900 Victims Using Facebook Ads and Telegram Malware Links
"The campaign, which leverages social media to distribute malware, is tied to ...
Why The Modern Google Workspace Needs Unified Security
This patchwork approach often creates blind spots, making it harder—not easier—to ...
⚡ THN Weekly Recap: New Attacks, Old Tricks, Bigger Impact
This week's events reveal a sobering reality: state-sponsored groups are infiltrating ...
SilentCryptoMiner Infects 2,000 Russian Users via Fake VPN and DPI Bypass Tool
A new mass malware campaign is infecting users with a cryptocurrency miner named SilentCryptoMiner by masquerading it as ...
New Linux Kernel Code Written in Rust Aims to Eliminate Memory Safety Bugs
The integration of Rust into the Linux kernel is a significant step forward in enhancing memory safety, a critical aspect of kernel development.This...
North Korean IT Workers Linked to 2,400 Astrill VPN IP Addresses
New data has emerged linking over 2,400 IP addresses associated with Astrill VPN to individuals believed to be North Korean IT workers.These findings were ...
Laravel Framework Flaw Allows Attackers to Execute Malicious JavaScript
A significant vulnerability has been identified in the Laravel framework, specifically affecting versions between 11.9.0 and 11.35.1.The issue revolves around improper encoding of request...
Critical Vulnerabilities in Moxa Switches Enable Unauthorized Access
A critical vulnerability identified as CVE-2024-12297 has been discovered in Moxa's PT series of network switches, affecting multiple models across different product lines.This security...
Cobalt Strike Exploitation by Hackers Drops, Report Reveals
A collaborative initiative involving Microsoft’s Digital Crimes Unit (DCU), Fortra, and the Health Information Sharing and Analysis Center (Health-ISAC) has reported a major drop...
Developer Pleads Guilty to Injecting Malware and Crippling Company Systems
In a stunning case of corporate sabotage, a former software developer for Eaton Corp., Davis Lu, 55, of Houston, has been found guilty by...
WinDbg Vulnerability Allows Attackers to Execute Remote Code
Microsoft recently disclosed a critical vulnerability impacting its debugging tool, WinDbg, and associated .NET packages.Tracked CVE-2025-24043, this flaw allows remote code execution (RCE) due...
Trump Coins Used as Lure in Malware Campaign
Binance is being spoofed in an email campaign using free TRUMP Coins as a lure leading to the installation of the ConnectWise RAT.
Details Disclosed for SCADA Flaws That Could Facilitate Industrial Attacks
Palo Alto Networks has shared details on several high-severity Mitsubishi Electric and Iconics SCADA vulnerabilities.
Cobalt Strike Abuse Dropped 80% in Two Years
Fortra has shared an update on the effects of actions taken to reduce the abuse of Cobalt Strike by threat actors.
Developer Convicted for Hacking Former Employer’s Systems
Davis Lu was convicted of sabotaging his employer’s systems through malicious code, and deleting encrypted data.
Google Paid Out $12 Million via Bug Bounty Programs in 2024
In 2024, Google paid out nearly $12 million in bug bounties through its revamped vulnerability reward programs.
Mass Exploitation of Critical PHP Vulnerability Begins
GreyNoise warns of mass exploitation of a critical vulnerability in PHP leading to remote code execution on vulnerable servers.
560,000 People Impacted Across Four Healthcare Data Breaches
Several healthcare organizations in different US states have disclosed data breaches affecting 100,000-200,000 individuals.
TechCrunch Cybersecurity
TechCrunch reports on the business of technology, startups, venture capital funding, Silicon Valley and cybersecurity.
Security Week
SecurityWeek provides cybersecurity news and information to global enterprises, with expert insights & analysis for IT security professionals.
Top 5 Strategies for Cybersecurity Red Teaming
Red teaming offers a proactive approach to cybersecurity that is most effective when implemented through a strategy that includes collaboration and AI.
Security isn't just about tools — it's about understanding how the enemy thinks and why they make certain choices.
CISA provides information on cybersecurity best practices to help individuals and organizations implement preventative measures and manage cyber risks.
Learn how to protect yourself, your family and your home with these tips and resources
Organizations of all sizes need to keep their data, employees and customers safe and secure. Learn how to protect your business with these resources.
The ROI of Security Investments: How Cybersecurity Leaders Prove It
Cyber threats are intensifying, and cybersecurity has become critical to business operations.
Learn job-ready skills that are in-demand, like how to identify and mitigate common risks, threats, and vulnerabilities — and discover how to effectively utilize AI in cybersecurity.
|
