A critical flaw in Open VSX Registry could let attackers hijack the VS Code extension hub, exposing millions of developers to supply chain attacks. Cybersecurity researchers at Koi Security... Read more »
Phishing is a fraudulent practice in which an attacker masquerades as a reputable entity or person to trick users into revealing sensitive information. Read more »
Days after news emerged of a new Citrix NetScaler flaw comparable in its scope and severity to 2023’s infamous Citrix Bleed, there are already clear indicators that threat actors... Read more »
Multiple reports are emerging of cyber attacks on airlines – Google Cloud’s Mandiant believes them to be linked. Read more »
A OneClik campaign, likely carried out by China-linked actor, targets energy sectors using stealthy ClickOnce and Golang backdoors. Trellix cybersecurity researchers uncovered a new APT malware campaign, OneClik, targeting... Read more »
Belgian-Dutch supermarket operator Ahold Delhaize reveals that over two million people, including employees, had their data compromised following a November 2024 ransomware attack. Read more »
The founder of the National Cyber Security Centre spoke with Computer Weekly at Infosecurity Europe 2025 about how artificial intelligence might disturb the attacker-defender security equilibrium Read more »
Iran-linked APT42 targets Israeli experts with phishing attacks, posing as security professionals to steal email credentials and 2FA codes. Iran-linked group APT42 (aka Educated Manticore, Charming Kitten, and Mint Sandstorm)... Read more »
In this Help Net Security interview, Michal Tresner, CEO of ThreatMark, discusses how cybercriminals are weaponizing AI, automation, and social engineering to industrialize money mule operations. He looks at... Read more »
Every time there’s a natural or manmade disaster that takes medical equipment offline, cuts connectivity to emergency services and loved ones, or shuts down access to ATMs, network engineers... Read more »
