Lazarus APT targets crypto wallets using cross-platform JavaScript stealer

The North Korea-linked APT group Lazarus uses a cross-platform JavaScript stealer to target crypto wallets in a new hacking campaign. Bitdefender researchers reported that the North Korea-linked Lazarus group uses fake... Read more »

U.S. CISA adds Linux kernel flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Linux kernel vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Linux kernel vulnerability,... Read more »

CISA Adds Four Vulnerabilities to Catalog for Federal Enterprise

CISA adds four new vulnerabilities to its catalog, urging agencies to remediate risks. Learn about the latest exploits and how they impact enterprise security. Read more »

21% of CISOs Have Been Pressured Not to Report a Compliance Issue, Research Finds

CISOs face growing boardroom pressure, compliance challenges, and cyber threats. Discover key insights from Splunk’s latest report on cybersecurity leadership. Read more »

Cybercrime gang exploited VeraCore zero-day vulnerabilities for years (CVE-2025-25181, CVE-2024-57968)

XE Group, a cybercriminal outfit that has been active for over a decade, has been quietly exploiting zero-day vulnerabilities (CVE-2025-25181, CVE-2024-57968) in VeraCore software, a popular solution for warehouse... Read more »

U.S. CISA adds Microsoft .NET Framework, Apache OFBiz, and Paessler PRTG Network Monitor flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft .NET Framework, Apache OFBiz, and Paessler PRTG Network Monitor flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and... Read more »

SafeBreach exposure validation platform identifies security gaps

SafeBreach launched SafeBreach exposure validation platform, which combines the power of its time-tested breach and attack simulation (BAS) product—now called Validate—and its new attack path validation product, Propagate. Together,... Read more »

Swap EOL Zyxel routers, upgrade Netgear ones!

There will be no patches for EOL Zyxel routers under attack via CVE-2024-40891, the company has confirmed. Meanwhile, Netgear has issued patches for critical flaws affecting its routers and... Read more »

SparkCat campaign target crypto wallets using OCR to steal recovery phrases

In late 2024, Kaspersky experts discovered a malicious campaign, called SparkCat, spreading malware to target crypto wallets. In March 2023, ESET found malware in modified versions of messengers using... Read more »

Satori provides visibility into data store risk levels

Satori announced its new capabilities, enabling security teams to be in control of all customer data across the development lifecycle in a simple, cost-effective, and holistic way. These capabilities... Read more »
Subscribe to our Newsletter