Security
Headlines
HeadlinesLatestCVEs

Latest News

A New 'It RAT': Stealthy 'Resolver' Malware Burrows In

A new infostealer on the market is making big waves globally, replacing Lumma et al. in attacks and employing so many stealth, persistence, and anti-analysis tricks that it's downright difficult to count them all.

DARKReading
Open in Source
No, it’s not OK to delete that new inetpub folder

A newly created inetpub folder turns out to be part of a Microsoft update against a vulnerability tracked as CVE-2025-21204

Malwarebytes
Open in Source
#vulnerability#web#mac#windows#microsoft#perl#auth
7 RSAC 2025 Cloud Security Sessions You Don't Want to Miss

Some of the brightest minds in the industry will discuss how to strengthen cloud security.

Phishing Campaigns Use Real-Time Checks to Validate Victim Emails Before Credential Theft

Cybersecurity researchers are calling attention to a new type of credential phishing scheme that ensures that the stolen information is associated with valid online accounts. The technique has been codenamed precision-validating phishing by Cofense, which it said employs real-time email validation so that only a select set of high-value targets are served the fake login screens. "This tactic not

How DigitalOcean Moved Away From Manual Identity Management

DigitalOcean executives describe how they automated and streamlined many of the identity and access management functions that had been previously handled manually.

⚡ Weekly Recap: Windows 0-Day, VPN Exploits, Weaponized AI, Hijacked Antivirus and More

Attackers aren’t waiting for patches anymore — they are breaking in before defenses are ready. Trusted security tools are being hijacked to deliver malware. Even after a breach is detected and patched, some attackers stay hidden. This week’s events show a hard truth: it’s not enough to react after an attack. You have to assume that any system you trust today could fail tomorrow. In a world

Cybersecurity in the AI Era: Evolve Faster Than the Threats or Get Left Behind

AI is changing cybersecurity faster than many defenders realize. Attackers are already using AI to automate reconnaissance, generate sophisticated phishing lures, and exploit vulnerabilities before security teams can react. Meanwhile, defenders are overwhelmed by massive amounts of data and alerts, struggling to process information quickly enough to identify real threats. AI offers a way to

Brass Typhoon: The Chinese Hacking Group Lurking in the Shadows

Though less well-known than groups like Volt Typhoon and Salt Typhoon, Brass Typhoon, or APT 41, is an infamous, longtime espionage actor that foreshadowed recent telecom hacks.

CyberAv3ngers: The Iranian Saboteurs Hacking Water and Gas Systems Worldwide

Despite their hacktivist front, CyberAv3ngers is a rare state-sponsored hacker group bent on putting industrial infrastructure at risk—and has already caused global disruption.

Gamaredon: The Turncoat Spies Relentlessly Hacking Ukraine

For the past decade, this group of FSB hackers—including “traitor” Ukrainian intelligence officers—has used a grinding barrage of intrusion campaigns to make life hell for their former countrymen and cybersecurity defenders.