A 29-year-old Russian national has been arrested in Buenos Aires, Argentina by the federal police on charges of money laundering for North Korean Lazarus hackers using cryptocurrency.

A new malware campaign has targeted numerous online stores, compromising their security by injecting digital skimmers that can steal credit card information during the checkout process.

The US government has filed a lawsuit against the Georgia Institute of Technology (Georgia Tech) and its affiliate Georgia Tech Research Corporation (GTRC) for alleged cybersecurity violations.

Cybersecurity researchers are warning about the security risks in the machine learning (ML) software supply chain following the discovery of more than 20 vulnerabilities that could be exploited to target MLOps platforms. These vulnerabilities, which are described as...

Nowadays, sensitive and critical data is traveling in everyday business channels that offer only the basic level of security and encryption, and companies are often oblivious to the risk. A case in point: Disney suffered a devastating data leak by a hacktivist group...

A sophisticated Linux malware called 'sedexp' has been flying under the radar since 2022, utilizing a unique persistence technique not yet recognized by the MITRE ATT&CK framework.

The Kremlin attributed the widespread website disruptions in Russia to a DDoS attack, but digital experts disagree, stating that it is unlikely to target all 2,000 Russian telecom operators simultaneously.

Meta Platforms revealed an Iranian hacker group targeting global political figures on WhatsApp. The Iranian state-sponsored threat actor APT42 used WhatsApp accounts to target individuals in Israel, Palestine, Iran, the U.K., and the U.S.

Two security vulnerabilities have been disclosed in the open-source Traccar GPS tracking system that could be potentially exploited by unauthenticated attackers to achieve remote code execution under certain circumstances. Both the vulnerabilities are path traversal...

SolarWinds has fixed another critical bug in Web Help Desk, known as CVE-2024-28987. This flaw involves hardcoded credentials that can be exploited by remote unauthenticated users to access internal functions and alter data.