Threat actors associated with the Cyclops ransomware have been observed offering an information stealer malware that’s designed to capture sensitive data from infected hosts. “The threat actor behind this [ransomware-as-a-service] promotes... Read more »

A Chinese-speaking phishing gang dubbed PostalFurious has been linked to a new SMS campaign that’s targeting users in the U.A.E. by masquerading as postal services and toll operators, per Group-IB. The... Read more »

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday placed two recently disclosed flaws in Zyxel firewalls to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.... Read more »

Microsoft has officially linked the ongoing active exploitation of a critical flaw in the Progress Software MOVEit Transfer application to a threat actor it tracks as Lace Tempest. “Exploitation is often followed... Read more »

Over 55% of security executives report that they have experienced a SaaS security incident in the past two years — ranging from data leaks and data breaches to SaaS... Read more »

Cybersecurity researchers have unearthed a new ongoing Magecart-style web skimmer campaign that’s designed to steal personally identifiable information (PII) and credit card data from e-commerce websites. A noteworthy aspect that... Read more »

A surge in TrueBot activity was observed in May 2023, cybersecurity researchers disclosed. “TrueBot is a downloader trojan botnet that uses command and control servers to collect information on... Read more »

An unknown cybercrime threat actor has been observed targeting Spanish- and Portuguese-speaking victims to compromise online banking accounts in Mexico, Peru, and Portugal. “This threat actor employs tactics such... Read more »

The U.S. Federal Trade Commission (FTC) has fined Amazon a cumulative $30.8 million over a series of privacy lapses regarding its Alexa assistant and Ring security cameras. This comprises... Read more »