News

The strange link between Industrial Spy and the Cuba ransomware operation

May 28, 2022

The recently launched Industrial Spy data extortion marketplace has now started its ransomware operation. In April, Malware HunterTeam and Bleeping...

Reuters: Russia-linked APT behind Brexit leak website

May 28, 2022

Russia-linked threat actors are behind a new website that published leaked emails from leading proponents of Britain’s exit from the...

GitHub: Nearly 100,000 NPM Users’ credentials stolen in the April OAuth token attack

May 28, 2022

GitHub provided additional details into the theft of its integration OAuth tokens that occurred in April, with nearly 100,000 NPM users’ credentials....

sl-insect-threat-malware-bug-ant-990x400-3

IT threat evolution in Q1 2022. Mobile statistics

May 28, 2022

IT threat evolution in Q1 2022 IT threat evolution in Q1 2022. Non-mobile statistics IT threat evolution in Q1 2022....

sl-insect-threat-malware-bug-ant-990x400-2

IT threat evolution Q1 2022

May 28, 2022

IT threat evolution in Q1 2022 IT threat evolution in Q1 2022. Non-mobile statistics IT threat evolution in Q1 2022....

sl-insect-threat-malware-bug-ant-990x400-1

IT threat evolution in Q1 2022. Non-mobile statistics

May 28, 2022

IT threat evolution in Q1 2022 IT threat evolution in Q1 2022. Non-mobile statistics IT threat evolution in Q1 2022....

Android pre-installed apps are affected by high-severity vulnerabilities

May 27, 2022

Microsoft found several high-severity vulnerabilities in a mobile framework used in pre-installed Android System apps. The Microsoft 365 Defender Research...

GhostTouch: how to remotely control touchscreens with EMI

May 27, 2022

Security researchers devised a technique, dubbed GhostTouch, to remotely control touchscreens using electromagnetic signals. A team of researchers from Zhejiang...

FBI: Compromised US academic credentials available on various cybercrime forums

May 27, 2022

The FBI warns organizations in the higher education sector of credentials sold on cybercrime forums that can allow threat actors...

Twitter fined $150M after using 2FA phone numbers for marketing

May 27, 2022

The Federal Trade Commission (FTC) and the Department of Justice (DOJ) have ordered Twitter to pay a $150M penalty for...

Firefox, Thunderbird, receive patches for critical security issues

May 27, 2022

Mozilla has published updates for two critical security issues in Firefox and Thunderbird, demonstrated during Pwn2Own Vancouver. The vulnerabilities, discovered...

ERMAC 2.0 Android Banking Trojan targets over 400 apps

May 27, 2022

A new version of the ERMAC Android banking trojan is able to target an increased number of apps. The ERMAC...

Experts released PoC exploit code for critical VMware CVE-2022-22972 flaw

May 27, 2022

Security researchers released PoC exploit code for the critical authentication bypass vulnerability CVE-2022-22972 affecting multiple VMware products. Horizon3 security researchers...

Managed detection and response in 2021

May 27, 2022

Kaspersky Managed Detection and Response (MDR) helps organizations to complement existing detection capabilities or to expand limited in-house resources to...

Cyber Risk Management Strategies from Arjo CIO

May 26, 2022

Andrea Berg, CIO of Arjo, explores the critical need for effective and inclusive communication around IT requirements to expand beyond...

Exposed: the threat actors who are poisoning Facebook

May 26, 2022

An investigation of the infamous “Is That You?” video scam led Cybernews researchers into exposing threat actors who are poisoning...

Zyxel addresses four flaws affecting APs, AP controllers, and firewalls

May 26, 2022

Zyxel addressed multiple vulnerabilities impacting many of its products, including APs, AP controllers, and firewalls. Zyxel has released security updates...

Experts warn of a new malvertising campaign spreading the ChromeLoader

May 26, 2022

Researchers warn of a new malvertising campaign spreading the ChromeLoader malware that hijacks the victims’ browsers. Researchers from Red Canary...

ChromeLoader targets Chrome Browser users with malicious ISO files

May 26, 2022

If you’re on the hunt for cracked software or games, be warned. Rogue ISO archive files are looking to infect...

Do not use Tails OS until a flaw in the bundled Tor Browser will be fixed

May 26, 2022

The maintainers of the Tails project (The Amnesic Incognito Live System) warn users that the Tor Browser bundled with the...

bleepingcomputer-conversation-copy-556x600-1

Watch out! Tinder and Grinder users targeted by cruel scammers using real abuse photos

May 26, 2022

A horrible catfishing scam is using real abuse photos in order to lure in unsuspecting victims on sites like Tinder...

Italy announced its National Cybersecurity Strategy 2022/26

May 26, 2022

Italy announced its National Cybersecurity Strategy for 2022/26, a crucial document to address cyber threats and increase the resilience of...

If you get an email saying “Item stopped due to unpaid customs fee”, it’s a fake

May 26, 2022

Our spam traps recently caught a phishing scam that neatly illustrates some of the tactics scammers use routinely to avoid...

The Verizon 2022 DBIR

May 26, 2022

The Verizon 2022 Data Breach Investigations Report is out. We are proud to collaborate as a supporting contributor to this...

News

The strange link between Industrial Spy and the Cuba ransomware operation

Reuters: Russia-linked APT behind Brexit leak website

GitHub: Nearly 100,000 NPM Users’ credentials stolen in the April OAuth token attack

IT threat evolution in Q1 2022. Mobile statistics

IT threat evolution Q1 2022

IT threat evolution in Q1 2022. Non-mobile statistics

Android pre-installed apps are affected by high-severity vulnerabilities

GhostTouch: how to remotely control touchscreens with EMI

FBI: Compromised US academic credentials available on various cybercrime forums

Twitter fined $150M after using 2FA phone numbers for marketing

Firefox, Thunderbird, receive patches for critical security issues

ERMAC 2.0 Android Banking Trojan targets over 400 apps

Experts released PoC exploit code for critical VMware CVE-2022-22972 flaw

Managed detection and response in 2021

Cyber Risk Management Strategies from Arjo CIO

Exposed: the threat actors who are poisoning Facebook

Zyxel addresses four flaws affecting APs, AP controllers, and firewalls

Experts warn of a new malvertising campaign spreading the ChromeLoader

ChromeLoader targets Chrome Browser users with malicious ISO files

Do not use Tails OS until a flaw in the bundled Tor Browser will be fixed

Watch out! Tinder and Grinder users targeted by cruel scammers using real abuse photos

Italy announced its National Cybersecurity Strategy 2022/26

If you get an email saying “Item stopped due to unpaid customs fee”, it’s a fake

The Verizon 2022 DBIR

HackerOne Bug Bounty Disclosure: stored-xss-on-tiktok-s-backend-leads-to-the-leakage-of-highly-sensitive-administrator-data-cookies-api-keys-internal-paths-emails-phone-numbers-ahmed-xyz

HackerOne Bug Bounty Disclosure: toctou-race-condition-in-http-connection-reuse-leads-to-certificate-validation-bypass–xrey

HackerOne Bug Bounty Disclosure: chained-broken-access-control-in-tiktok-live-backstage-enables-full-control-of-public-leaderboard-activities-eneri

CVE Alert: CVE-2025-9018 – germanpearls – Time Tracker

CVE Alert: CVE-2025-9874 – webcodingplace – Ultimate Classified Listings

You may have missed