Cybersecurity researchers have exposed a wide variety of techniques adopted by an advanced malware downloader called GuLoader to evade security software. “New shellcode anti-analysis technique attempts to thwart researchers and hostile... Read more »

BlueNoroff, a subcluster of the notorious Lazarus Group, has been observed adopting new techniques into its playbook that enable it to bypass Windows Mark of the Web (MotW) protections.... Read more »

Decentralized multi-chain crypto wallet BitKeep on Wednesday confirmed a cyber attack that allowed threat actors to distribute fraudulent versions of its Android app with the goal of stealing users’... Read more »

Microsoft’s decision to block Visual Basic for Applications (VBA) macros by default for Office files downloaded from the internet has led many threat actors to improvise their attack chains... Read more »

Users searching for popular software are being targeted by a new malvertising campaign that abuses Google Ads to serve trojanized variants that deploy malware, such as Raccoon Stealer and... Read more »

Thousands of Citrix Application Delivery Controller (ADC) and Gateway endpoints remain vulnerable to two critical security flaws disclosed by the company over the last few months. The issues in... Read more »

A security researcher was awarded a bug bounty of $107,500 for identifying security issues in Google Home smart speakers that could be exploited to install backdoors and turn them... Read more »

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two years-old security flaws impacting TIBCO Software’s JasperReports product to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.... Read more »

Google has agreed to pay a total of $29.5 million to settle two different lawsuits brought by Indiana and Washington, D.C., over its “deceptive” location tracking practices. The search... Read more »