GhostToken Flaw Could Let Attackers Hide Malicious Apps in Google Cloud Platform
Cybersecurity researchers have disclosed details of a now-patched zero-day flaw in Google Cloud Platform (GCP) that could have enabled threat...
Cybersecurity researchers have disclosed details of a now-patched zero-day flaw in Google Cloud Platform (GCP) that could have enabled threat...
A large-scale attack campaign discovered in the wild has been exploiting Kubernetes (K8s) Role-Based Access Control (RBAC) to create backdoors...
The supply chain attack targeting 3CX was the result of a prior supply chain compromise associated with a different company,...
Recently, Andrew Martin, founder and CEO of ControlPlane, released a report entitled Cloud Native and Kubernetes Security Predictions 2023. These...
Cisco and VMware have released security updates to address critical security flaws in their products that could be exploited by...
An investigation into last month's 3CX supply chain attack discovered that it was caused by another supply chain compromise where...
Google’s Threat Analysis Group (TAG) has been monitoring and disrupting Russian state-backed cyberattacks targeting Ukraine’s critical infrastructure in 2023. Google...
VMware addressed a critical vRealize Log Insight security vulnerability that allows remote attackers to gain remote execution on vulnerable appliances....
Attackers are using Eval PHP, an outdated legitimate WordPress plugin, to compromise websites by injecting stealthy backdoors. Eval PHP is an...
London-based professional outsourcing giant Capita has published an update on the cyber-incident that impacted it at the start of the...
A new Lazarus campaign considered part of "Operation DreamJob" has been discovered targeting Linux users with malware for the first...
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
The notorious North Korea-aligned state-sponsored actor known as the Lazarus Group has been attributed to a new campaign aimed at...
A chain of two critical flaws has been disclosed in Alibaba Cloud's ApsaraDB RDS for PostgreSQL and AnalyticDB for PostgreSQL...
Why is Visibility into OT Environments Crucial?# The significance of Operational Technology (OT) for businesses is undeniable as the OT...
Telecommunication services providers in Africa are the target of a new campaign orchestrated by a China-linked threat actor at least...
Israeli spyware maker NSO Group deployed at least three novel "zero-click" exploits against iPhones in 2022 to infiltrate defenses erected...
Fortra, the company behind Cobalt Strike, shed light on a zero-day remote code execution (RCE) vulnerability in its GoAnywhere MFT...
In the short time since their inception, ChatGPT and other generative AI platforms have rightfully gained the reputation of ultimate...
Google has released a security update for the Chrome web browser to fix the second zero-day vulnerability found to be...
The Play ransomware group has developed two custom tools in .NET, namely Grixba and VSS Copying Tool, which it uses...
March 2023 was the most prolific month recorded by cybersecurity analysts in recent years, measuring 459 attacks, an increase of...
The United Kingdom's NCSC (National Cyber Security Centre) is warning of a heightened risk from attacks by state-aligned Russian hacktivists,...
Fortra has completed its investigation into the exploitation of CVE-2023-0669, a zero-day flaw in the GoAnywhere MFT solution that the...