A Russa-nexus adversary has been linked to 94 new domains, suggesting that the group is actively modifying its infrastructure in response to public disclosures about its activities. Cybersecurity firm... Read more »

A sophisticated Facebook phishing campaign has been observed exploiting a zero-day flaw in Salesforce’s email services, allowing threat actors to craft targeted phishing messages using the company’s domain and... Read more »

About 34% of security vulnerabilities impacting industrial control systems (ICSs) that were reported in the first half of 2023 have no patch or remediation, registering a significant increase from... Read more »

Cybersecurity researchers have discovered a new post-exploitation technique in Amazon Web Services (AWS) that allows the AWS Systems Manager Agent (SSM Agent) to be run as a remote access... Read more »

In recent years the rise of illicit activities conducted within online messaging platforms has become a growing concern for countless industries. One of the most notable platforms that has... Read more »

Services offered by an obscure Iranian company known as Cloudzy are being leveraged by multiple threat actors, including cybercrime groups and nation-state crews. “Although Cloudzy is incorporated in the... Read more »

Advanced persistent threat (APT) actors exploited a recently disclosed critical flaw impacting Ivanti Endpoint Manager Mobile (EPMM) as a zero-day since at least April 2023 in attacks directed against... Read more »

Cybersecurity researchers have unearthed a Python variant of a stealer malware NodeStealer that’s equipped to fully take over Facebook business accounts as well as siphon cryptocurrency. Palo Alto Network Unit 42... Read more »

Various European customers of different banks are being targeted by an Android banking trojan called SpyNote as part of an aggressive campaign detected in June and July 2023. “The spyware is... Read more »