- Critical Flaws in WGS-804HPT Switches Enable RCE and Network Exploitation
- Python-Based Bots Exploiting PHP Servers Fuel Gambling Platform Proliferation
- How to Bring Zero Trust to Wi-Fi Security with a Cloud-based Captive Portal?
- New ‘Sneaky 2FA’ Phishing Kit Targets Microsoft 365 Accounts with 2FA Code Bypass
- U.S. Sanctions North Korean IT Worker Network Supporting WMD Programs
- European Privacy Group Sues TikTok and AliExpress for Illicit Data Transfers to China
- Russian Star Blizzard Shifts Tactics to Exploit WhatsApp QR Codes for Credential Harvesting
- Ready to Simplify Trust Management? Join Free Webinar to See DigiCert ONE in Action
- The $10 Cyber Threat Responsible for the Biggest Breaches of 2024
- New UEFI Secure Boot Vulnerability Could Allow Attackers to Load Malicious Bootkits
- Researchers Find Exploit Allowing NTLMv1 Despite Active Directory Restrictions
- Hackers Hide Malware in Images to Deploy VIP Keylogger and 0bj3ctivity Stealer
- Python-Based Malware Powers RansomHub Ransomware to Exploit Network Flaws
- Researcher Uncovers Critical Flaws in Multiple Versions of Ivanti Endpoint Manager
- Google Ads Users Targeted in Malvertising Scam Stealing Credentials and 2FA Codes
- Lazarus Group Targets Web3 Developers with Fake LinkedIn Profiles in Operation 99
- North Korean IT Worker Fraud Linked to 2016 Crowdfunding Scam and Fake Domains
- Google Cloud Researchers Uncover Flaws in Rsync File Synchronization Tool
- The High-Stakes Disconnect For ICS/OT Security
- FBI Deletes PlugX Malware from 4,250 Hacked Computers in Multi-Month Operation
- 3 Actively Exploited Zero-Day Flaws Patched in Microsoft’s Latest Security Update
- Critical SimpleHelp Flaws Allow File Theft, Privilege Escalation, and RCE Attacks
- Microsoft Uncovers macOS Vulnerability CVE-2024-44243 Allowing Rootkit Installation
- Google OAuth Vulnerability Exposes Millions via Failed Startup Domains
- 4 Reasons Your SaaS Attack Surface Can No Longer be Ignored
- Illicit HuiOne Telegram Market Surpasses Hydra, Hits $24 Billion in Crypto Transactions
- Zero-Day Vulnerability Suspected in Attacks on Fortinet Firewalls with Exposed Interfaces
- Russian-Linked Hackers Target Kazakhstan in Espionage Campaign with HATVIBE Malware
- CISA Adds Second BeyondTrust Flaw to KEV Catalog Amid Active Attacks
- Hackers Exploit Aviatrix Controller Vulnerability to Deploy Backdoors and Crypto Miners
- ⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [13 January]
- Ransomware on ESXi: The mechanization of virtualized attacks
- WordPress Skimmers Evade Detection by Injecting Themselves into Database Tables
- Expired Domains Allowed Control Over 4,000 Backdoors on Compromised Systems
- Microsoft Sues Hacking Group Exploiting Azure AI for Harmful Content Creation
- DoJ Indicts Three Russians for Operating Crypto Mixers Used in Cybercrime Laundering
- Taking the Pain Out of Cybersecurity Reporting: A Practical Guide for MSPs
- AI-Driven Ransomware FunkSec Targets 85 Victims Using Double Extortion Tactics
- Hands-On Walkthrough: Microsegmentation For all Users, Workloads and Devices by Elisity
- Google Project Zero Researcher Uncovers Zero-Click Exploit Targeting Samsung Devices
- RedDelta Deploys PlugX Malware to Target Mongolia and Taiwan in Espionage Campaigns
- CrowdStrike Warns of Phishing Scam Targeting Job Seekers with XMRig Cryptominer
- Major Vulnerabilities Patched in SonicWall, Palo Alto Expedition, and Aviatrix Controllers
- New Banshee Stealer Variant Bypasses Antivirus with Apple’s XProtect-Inspired Encryption
- Product Review: How Reco Discovers Shadow AI in SaaS
- Webinar: Learn How to Stop Encrypted Attacks Before They Cost You Millions
- MirrorFace Leverages ANEL and NOOPDOOR in Multi-Year Cyberattacks on Japan
- Critical RCE Flaw in GFI KerioControl Allows Remote Code Execution via CRLF Injection
- E.U. Commission Fined for Transferring User Data to Meta in Violation of Privacy Laws
- Ivanti Flaw CVE-2025-0282 Actively Exploited, Impacts Connect Secure and Policy Secure
