The China-linked cyber espionage group tracked as APT41 has been attributed to a new campaign targeting government IT services in the African region. “The attackers
Cybersecurity researchers have unearthed new Android spyware artifacts that are likely affiliated with the Iranian Ministry of Intelligence and Security (MOIS) and have been distributed
Even in well-secured environments, attackers are getting in—not with flashy exploits, but by quietly taking advantage of weak settings, outdated encryption, and trusted tools left
By 2025, Zero Trust has evolved from a conceptual framework into an essential pillar of modern security. No longer merely theoretical, it’s now a requirement
Cybersecurity researchers have disclosed a novel attack technique that allows threat actors to bypass Fast IDentity Online (FIDO) key protections by deceiving users into approving
Hewlett-Packard Enterprise (HPE) has released security updates to address a critical security flaw affecting Instant On Access Points that could allow an attacker to bypass
A new attack campaign has compromised more than 3,500 websites worldwide with JavaScript cryptocurrency miners, marking the return of browser-based cryptojacking attacks once popularized by
Microsoft on Sunday released security patches for an actively exploited security flaw in SharePoint and also released details of another vulnerability that it said has
The financially motivated threat actor known as EncryptHub (aka LARVA-208 and Water Gamayun) has been attributed to a new campaign that’s targeting Web3 developers to
A critical security vulnerability in Microsoft SharePoint Server has been weaponized as part of an “active, large-scale” exploitation campaign. The zero-day flaw, tracked as CVE-2025-53770