The North Korean state-sponsored threat actor known as Kimsuky has been discovered using a new reconnaissance tool called ReconShark as part of an ongoing global campaign. “[ReconShark] is actively delivered to specifically targeted... Read more »

PHP software package repository Packagist revealed that an “attacker” gained access to four inactive accounts on the platform to hijack over a dozen packages with over 500 million installs... Read more »

A new Android subscription malware named Fleckpe has been unearthed on the Google Play Store, amassing more than 620,000 downloads in total since 2022. Kaspersky, which identified 11 apps on the... Read more »

Cisco has warned of a critical security flaw in SPA112 2-Port Phone Adapters that it said could be exploited by a remote attacker to execute arbitrary code on affected... Read more »

Cybersecurity researchers have found a way to exploit a recently disclosed critical flaw in PaperCut servers in a manner that bypasses all current detections. Tracked as CVE-2023-27350 (CVSS score: 9.8), the... Read more »

Three new security flaws have been disclosed in Microsoft Azure API Management service that could be abused by malicious actors to gain access to sensitive information or backend services.... Read more »

IT and cybersecurity teams are so inundated with security notifications and alerts within their own systems, it’s difficult to monitor external malicious environments – which only makes them that... Read more »

Three different threat actors leveraged hundreds of elaborate fictitious personas on Facebook and Instagram to target individuals located in South Asia as part of disparate attacks. “Each of these... Read more »

Meta said it took steps to take down more than 1,000 malicious URLs from being shared across its services that were found to leverage OpenAI’s ChatGPT as a lure... Read more »