A OneClik campaign, likely carried out by China-linked actor, targets energy sectors using stealthy ClickOnce and Golang backdoors. Trellix cybersecurity researchers uncovered a new APT malware campaign, OneClik, targeting... Read more »

Iran-linked APT42 targets Israeli experts with phishing attacks, posing as security professionals to steal email credentials and 2FA codes. Iran-linked group APT42 (aka Educated Manticore, Charming Kitten, and Mint Sandstorm)... Read more »

British national Kai West, aka IntelBroker, was charged in U.S. for a global hacking scheme that stole and sold data, causing millions in damages. Kai West (25), a British... Read more »

Cisco released patches to address two critical vulnerabilities in ISE and ISE-PIC that could let remote attackers execute to code as root. Cisco addressed two critical vulnerabilities, tracked as... Read more »

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds AMI MegaRAC SPx, D-Link DIR-859 routers, and Fortinet FortiOS flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure... Read more »

New Citrix flaw ‘CitrixBleed 2’ lets attackers steal session cookies without logging in, echoing a previously exploited vulnerability. A new flaw in Citrix NetScaler ADC and Gateway, dubbed ‘CitrixBleed... Read more »

Hackers spread a trojanized version of SonicWall VPN app to steal login credentials from users accessing corporate networks. Unknown threat actors are distributing a trojanized version of SonicWall NetExtender... Read more »

Mainline Health Systems disclosed a data breach that impacted over 100,000 individuals. Mainline Health Systems is a nonprofit Federally Qualified Health Center founded in 1978 in Portland, Arkansas, serving... Read more »

Cybersecurity researchers devised two attack techniques to disrupt the operations of cryptocurrency mining botnets. Akamai Researchers uncovered two novel techniques to disrupt cryptocurrency mining botnets by exploiting flaws in common mining... Read more »