Persistence is one of the key things for threat actors to maintain their access to compromised systems and establish connections whenever they require.
Threat actors operating with interests aligned to Belarus and Russia have been linked to a new cyber espionage campaign that likely exploited cross-site scripting (XSS) vulnerabilities in Roundcube webmail servers to target over 80 organizations.
A critical security flaw in the Bricks theme for WordPress is being actively exploited by threat actors to run arbitrary PHP code on susceptible installations.
Google and Mozilla this week released Chrome and Firefox software updates to resolve multiple vulnerabilities in both browsers, including high-severity memory safety bugs.
Bazel, an open-source software used for automation of building and testing, has been discovered with a critical supply chain vulnerability
The Iranian threat actor known as Tortoiseshell has been attributed to a new wave of watering hole attacks that are designed to deploy a malware dubbed IMAPLoader.
Malicious actors have begun to actively exploit a recently disclosed critical security flaw impacting Atlassian Confluence Data Center and Confluence Server, within three days of public disclosure.
The Russia-linked threat actor known as COLDRIVER has been observed evolving its tradecraft to go beyond credential harvesting to deliver its first-ever custom malware written in the Rust programming language.
New assessment focuses on how AI will impact the efficacy of cyber operations and the implications for the cyber threat over the next two years.
Remote desktop software maker AnyDesk disclosed on Friday that it suffered a cyber attack that led to a compromise of its production systems.