Morphisec researchers observed a threat actor, tracked as Sticky Werewolf, targeting entities in Russia and Belarus. Sticky Werewolf is a threat actor that was first spotted in April 2023,... Read more »

Frontier Communications is notifying over 750,000 individuals that their personal information was stolen in a recent cyber attack. Last week, the RansomHub ransomware group claimed to have stolen the... Read more »

A new PHP for Windows remote code execution (RCE) flaw affects version 5.x and earlier versions, potentially impacting millions of servers worldwide. Researchers at cybersecurity firm DEVCORE discovered a critical... Read more »

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new... Read more »

The source code and data of The New York Times leaked on the 4chan was stolen from the company’s GitHub repositories in January 2024. This week, VX-Underground first noticed... Read more »

SolarWinds addressed multiple vulnerabilities in Serv-U and the SolarWinds Platform, including a bug reported by a pentester working with NATO. SolarWinds announced security patches to address multiple high-severity vulnerabilities... Read more »

Chinese shopping platform Pandabuy previously paid a ransom demand to an extortion group that extorted the company again this week. The story of the attack against the Chinese shopping... Read more »

Ukraine CERT-UA warned of cyber attacks targeting defense forces with SPECTR malware as part of a cyber espionage campaign dubbed SickSync. The Computer Emergency Response Team of Ukraine (CERT-UA)... Read more »

Akamai observed a Chinese-speaking group exploiting two flaws, tracked as CVE-2018-20062 and CVE-2019-9082, in ThinkPHP applications. Akamai researchers observed a Chinese threat actor exploiting two old remote code execution... Read more »