Victims instructed to make a phone call that will direct them to a link for downloading malware. A new callback phishing campaign is impersonating prominent...

The heap buffer overflow issue in the browser’s WebRTC engine could allow attackers to execute arbitrary code. While people were celebrating the Fourth of July...

Attacks against U.S. companies spike in Q1 2022 with patchable and preventable external vulnerabilities responsible for bulk of attacks. Eighty-two percent of attacks...

Deja-Vu data from this year’s DBIR report feels like we are stuck in the movie ‘Groundhog Day.’ Ransomware and social engineering continue to dominate...

The malvertiser’s use of PowerShell could push it beyond its basic capabilities to spread ransomware, spyware or steal data from browser sessions, researchers warn. ChromeLoader...

Privilege escalation flaw discovered in the Jupiter and JupiterX Core Plugin affects more than 90,000 sites. A critical privilege escalation flaw found in two themes...

An account promoting the project—which offers a range of threat activity from info-stealing to crypto-mining to ransomware as individual modules—has more than 500 subscribers. Cybercriminals...

Four months after the critical flaw was discovered, attackers have a massive attack surface from which they can exploit the flaw and take over...

Last year, Google Project Zero tracked a record 58 exploited-in-the-wild zero-day security holes. Google Project Zero reported 58 exploited zero-day vulnerabilities in 2021, a...

In this time of unprecedented cyberwar, organizations must protect the personal digital lives of their executives in order to reduce the company’s risk of...

Fortinet’s Derek Manky discusses the exponential increase in the speed that attackers weaponize fresh vulnerabilities, where botnets and offensive automation fit in, and the...

Connections that show the cybercriminal teams are working together signal shifts in their respective tactics and an expansion of opportunities to target victims. Researchers have...