Google on Thursday outlined a set of initiatives aimed at improving the vulnerability management ecosystem and establishing greater transparency measures around exploitation. “While the notoriety of zero-day vulnerabilities typically... Read more »

Cybersecurity researchers have detailed the tactics of a “rising” cybercriminal gang called “Read The Manual” (RTM) Locker that functions as a private ransomware-as-a-service (RaaS) provider and carries out opportunistic... Read more »

Popular instant messaging app WhatsApp on Thursday announced a new account verification feature that ensures that malware running on a user’s mobile device doesn’t impact their account. “Mobile device... Read more »

An emerging Python-based credential harvester and a hacking tool named Legion are being marketed via Telegram as a way for threat actors to break into various online services for further exploitation.... Read more »

The Transparent Tribe threat actor has been linked to a set of weaponized Microsoft Office documents in attacks targeting the Indian education sector using a continuously maintained piece of malware called... Read more »

Shadow APIs are a growing risk for organizations of all sizes as they can mask malicious behavior and induce substantial data loss. For those that aren’t familiar with the... Read more »

The North Korean threat actor known as the Lazarus Group has been observed shifting its focus and rapidly evolving its tools and tactics as part of a long-running activity... Read more »

OpenAI, the company behind the massively popular ChatGPT AI chatbot, has launched a bug bounty program in an attempt to ensure its systems are “safe and secure.” To that end, it... Read more »

Threat actors using hacking tools from an Israeli surveillanceware vendor named QuaDream targeted at least five members of civil society in North America, Central Asia, Southeast Asia, Europe, and... Read more »