Researchers discovered a sophisticated multi-stage attack that leverages ScrubCrypt to drop VenomRAT along with many malicious plugins. Fortinet researchers observed a threat actor sending out a phishing email containing... Read more »

Google announced support for a V8 Sandbox in the Chrome web browser to protect users from exploits triggering memory corruption issues. Google has announced support for what’s called a V8 Sandbox in the... Read more »

China-linked threat actors are using AI to carry out influence operations aimed at fueling social disorders in the U.S. and Taiwan. China is using generative artificial intelligence to carry... Read more »

Greylock McKinnon Associates, a service provider for the Department of Justice, suffered a data breach that exposed data of 341650 people. Greylock McKinnon Associates (GMA) provides expert economic analysis... Read more »

Zero-day broker firm Crowdfense announced a 30 million USD offer as part of its Exploit Acquisition Program. Crowdfense is a world-leading research hub and acquisition platform focused on high-quality... Read more »

The U.S. Department of Health and Human Services (HHS) warns of attacks against IT help desks across the Healthcare and Public Health (HPH) sector. The U.S. Department of Health... Read more »

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new... Read more »

A researcher disclosed an arbitrary command injection and hardcoded backdoor issue in multiple end-of-life D-Link NAS models. A researcher who goes online with the moniker ‘Netsecfish’ disclosed a new... Read more »

Experts warn of roughly 16,500 Ivanti Connect Secure and Poly Secure gateways still vulnerable to a remote code execution (RCE) flaw. Shadowserver researchers reported that roughly 16,500 Ivanti Connect... Read more »