Iranian-backed hacking group Fox Kitten has been linked to the Pay2Key ransomware operation that has recently started targeting organizations from Israel and Brazil.
The team behind a popular WordPress plugin has disclosed a critical file upload vulnerability and issued a patch. The vulnerable plugin, Contact Form 7, has over 5 million active installations making this upgrade a necessity for WordPress site owners out there.
The compromise of multiple US federal networks following the SolarWinds breach was officially confirmed for the first time in a joint statement released earlier today by the FBI, DHS-CISA, and the Office of the Director of National Intelligence (ODNI).
Malwarebytes is running a holiday deal where you can get 40% off Malwarebytes Premium and the Malwarebytes for Teams business product for a limited time.
Malicious Chrome and Edge browser extensions with over 3 million installs, most of them still available on the Chrome Web Store and the Microsoft Edge Add-ons portal, are capable of stealing users' info and redirecting them to phishing sites.
Microsoft, FireEye, and GoDaddy have collaborated to create a kill switch for the SolarWinds Sunburst backdoor that forces the malware to terminate itself.
Threat actors behind an ongoing worldwide mobile banking fraud campaign were able to steal millions from multiple US and EU banks, needing just a few days for each attack.
New malicious RubyGems packages have been discovered that are being used in a supply chain attack to steal cryptocurrency from unsuspecting users.
Hewlett Packard Enterprise (HPE) has disclosed a zero-day bug in the latest versions of its proprietary HPE Systems Insight Manager (SIM) software for Windows and Linux.
SystemBC, a commodity malware sold on underground marketplaces, is being used by ransomware-as-a-service (RaaS) operations to hide malicious traffic and automate ransomware payload delivery on the networks of compromised victims.
Green Monday is a last-minute opportunity to secure those precious Christmas gifts before December 25th, but why not ensure they'll arrive on time and go digital?
Microsoft has released a new version of Microsoft Authenticator that now acts as a password manager for Android and iOS.
Microsoft has announced today that Microsoft Defender will begin quarantining compromised SolarWind Orion binaries starting tomorrow morning.
Newly discovered Windows info-stealing malware linked to an active threat group tracked as AridViper shows signs that it might be used to infect computers running Linux and macOS.
Microsoft has started rolling out new Universal versions of Microsoft 365 apps with native support for both Apple Silicon and Intel-based Macs starting today.
Google's global outage from yesterday was due to a bug that restricted storage space to the Identity Management System and caused the system to fail.
Vulnerability submissions have increased over the past 12 months on at least one crowdsourced security platform, with critical issue reports recording a 65% jump.
The City of Independence, Missouri, suffered a ransomware attack last week that continues to disrupt the city's services.
Mozilla Firefox 84 was released today with a dramatic performance boost after adding native support on macOS devices with Apple Silicon processors.