Latest Cybersecurity News

Stay Informed

Get the most recent updates and insights on cybersecurity to stay ahead of potential threats.

Explore Topics

No Results Found

The page you requested could not be found. Try refining your search, or use the navigation above to locate the post.

No Results Found

The page you requested could not be found. Try refining your search, or use the navigation above to locate the post.

No Results Found

The page you requested could not be found. Try refining your search, or use the navigation above to locate the post.

No Results Found

The page you requested could not be found. Try refining your search, or use the navigation above to locate the post.

No Results Found

The page you requested could not be found. Try refining your search, or use the navigation above to locate the post.

No Results Found

The page you requested could not be found. Try refining your search, or use the navigation above to locate the post.

No Results Found

The page you requested could not be found. Try refining your search, or use the navigation above to locate the post.

All News

No Results Found

The page you requested could not be found. Try refining your search, or use the navigation above to locate the post.

ALL NEWS

No Results Found

The page you requested could not be found. Try refining your search, or use the navigation above to locate the post.

Vulnerabilities and Updates

No Results Found

The page you requested could not be found. Try refining your search, or use the navigation above to locate the post.

Malware and Threats

No Results Found

The page you requested could not be found. Try refining your search, or use the navigation above to locate the post.

New Banshee Stealer macOS Malware Priced At $3,000 Per Month

Cybercriminals are advertising a new macOS malware that they claim is capable of stealing a wide range of data from compromised systems. Named Banshee Stealer and believed to have been developed by Russian threat actors, the malware is advertised on cybercrime forums...
Read More

Netsuite Vulnerability Could Leave Thousands Of Websites Exposed

Researchers have warned of a new vulnerability in NetSuite’s SuiteCommerce tool that could expose sensitive data. Stemming from misconfigured access controls, the vulnerability leaves sensitive personally identifiable information (PII) exposed, including the full...
Read More

Google To Remove App From Pixel Devices Following Claims That It Made Phones Vulnerable

Google and a cybersecurity company are disputing over claims that an application on Android phones left the devices vulnerable to cyberattacks and spyware. On Thursday, cybersecurity company iVerify published a report about an Android package called "Showcase.apk”...
Read More

Microsoft Disables Bitlocker Security Fix, Advises Manual Mitigation

Microsoft has disabled a fix for a BitLocker security feature bypass vulnerability due to firmware incompatibility issues that were causing patched Windows devices to go into BitLocker recovery mode. Tracked as CVE-2024-38058, this important severity security flaw can...
Read More

Unfixed Microsoft Entra ID Authentication Bypass Threatens Hybrid IDs

Researchers have found a way to manipulate the credential validation process in Microsoft Entra ID identity environments that they say attackers can use to bypass authentication in hybrid identity infrastructures. The attack would require an adversary to have admin...
Read More

Zero-Click Exploit Concerns Drive Urgent Patching Of Windows TCP/IP Flaw

Security experts are ratcheting up the urgency for Windows sysadmins to patch a pre-auth remote code execution vulnerability in the Windows TCP/IP stack, warning that zero-click exploitation is very likely. Technical details on the vulnerability, tracked as...
Read More

Copy2Pwn Zero-Day Exploited To Bypass Windows Protections

Trend Micro’s Zero Day Initiative (ZDI) has detailed a recently patched zero-day vulnerability that cybercriminals have exploited to bypass Windows protections. The flaw, tracked as CVE-2024-38213 and named Copy2Pwn by ZDI, was fixed by Microsoft in June 2024, but it...
Read More

SolarWinds Web Help Desk Vulnerability Possibly Exploited As Zero-Day

The US cybersecurity agency CISA on Thursday warned that a fresh critical-severity vulnerability in SolarWinds Web Help Desk has been exploited in attacks. The bug, tracked as CVE-2024-28986 (CVSS score of 9.8), is described as a Java deserialization remote code...
Read More

Netsuite Vulnerability Could Leave Thousands Of Websites Exposed

Researchers have warned of a new vulnerability in NetSuite’s SuiteCommerce tool that could expose sensitive data. Stemming from misconfigured access controls, the vulnerability leaves sensitive personally identifiable information (PII) exposed, including the full...
Read More

Google To Remove App From Pixel Devices Following Claims That It Made Phones Vulnerable

Google and a cybersecurity company are disputing over claims that an application on Android phones left the devices vulnerable to cyberattacks and spyware. On Thursday, cybersecurity company iVerify published a report about an Android package called "Showcase.apk”...
Read More

Microsoft Disables Bitlocker Security Fix, Advises Manual Mitigation

Microsoft has disabled a fix for a BitLocker security feature bypass vulnerability due to firmware incompatibility issues that were causing patched Windows devices to go into BitLocker recovery mode. Tracked as CVE-2024-38058, this important severity security flaw can...
Read More

Unfixed Microsoft Entra ID Authentication Bypass Threatens Hybrid IDs

Researchers have found a way to manipulate the credential validation process in Microsoft Entra ID identity environments that they say attackers can use to bypass authentication in hybrid identity infrastructures. The attack would require an adversary to have admin...
Read More

Zero-Click Exploit Concerns Drive Urgent Patching Of Windows TCP/IP Flaw

Security experts are ratcheting up the urgency for Windows sysadmins to patch a pre-auth remote code execution vulnerability in the Windows TCP/IP stack, warning that zero-click exploitation is very likely. Technical details on the vulnerability, tracked as...
Read More

Copy2Pwn Zero-Day Exploited To Bypass Windows Protections

Trend Micro’s Zero Day Initiative (ZDI) has detailed a recently patched zero-day vulnerability that cybercriminals have exploited to bypass Windows protections. The flaw, tracked as CVE-2024-38213 and named Copy2Pwn by ZDI, was fixed by Microsoft in June 2024, but it...
Read More

SolarWinds Web Help Desk Vulnerability Possibly Exploited As Zero-Day

The US cybersecurity agency CISA on Thursday warned that a fresh critical-severity vulnerability in SolarWinds Web Help Desk has been exploited in attacks. The bug, tracked as CVE-2024-28986 (CVSS score of 9.8), is described as a Java deserialization remote code...
Read More

New Banshee Stealer macOS Malware Priced At $3,000 Per Month

Cybercriminals are advertising a new macOS malware that they claim is capable of stealing a wide range of data from compromised systems. Named Banshee Stealer and believed to have been developed by Russian threat actors, the malware is advertised on cybercrime forums...
Read More

Netsuite Vulnerability Could Leave Thousands Of Websites Exposed

Researchers have warned of a new vulnerability in NetSuite’s SuiteCommerce tool that could expose sensitive data. Stemming from misconfigured access controls, the vulnerability leaves sensitive personally identifiable information (PII) exposed, including the full...
Read More

Google To Remove App From Pixel Devices Following Claims That It Made Phones Vulnerable

Google and a cybersecurity company are disputing over claims that an application on Android phones left the devices vulnerable to cyberattacks and spyware. On Thursday, cybersecurity company iVerify published a report about an Android package called "Showcase.apk”...
Read More

Microsoft Disables Bitlocker Security Fix, Advises Manual Mitigation

Microsoft has disabled a fix for a BitLocker security feature bypass vulnerability due to firmware incompatibility issues that were causing patched Windows devices to go into BitLocker recovery mode. Tracked as CVE-2024-38058, this important severity security flaw can...
Read More

Unfixed Microsoft Entra ID Authentication Bypass Threatens Hybrid IDs

Researchers have found a way to manipulate the credential validation process in Microsoft Entra ID identity environments that they say attackers can use to bypass authentication in hybrid identity infrastructures. The attack would require an adversary to have admin...
Read More

Zero-Click Exploit Concerns Drive Urgent Patching Of Windows TCP/IP Flaw

Security experts are ratcheting up the urgency for Windows sysadmins to patch a pre-auth remote code execution vulnerability in the Windows TCP/IP stack, warning that zero-click exploitation is very likely. Technical details on the vulnerability, tracked as...
Read More

Copy2Pwn Zero-Day Exploited To Bypass Windows Protections

Trend Micro’s Zero Day Initiative (ZDI) has detailed a recently patched zero-day vulnerability that cybercriminals have exploited to bypass Windows protections. The flaw, tracked as CVE-2024-38213 and named Copy2Pwn by ZDI, was fixed by Microsoft in June 2024, but it...
Read More

SolarWinds Web Help Desk Vulnerability Possibly Exploited As Zero-Day

The US cybersecurity agency CISA on Thursday warned that a fresh critical-severity vulnerability in SolarWinds Web Help Desk has been exploited in attacks. The bug, tracked as CVE-2024-28986 (CVSS score of 9.8), is described as a Java deserialization remote code...
Read More

Netsuite Vulnerability Could Leave Thousands Of Websites Exposed

Researchers have warned of a new vulnerability in NetSuite’s SuiteCommerce tool that could expose sensitive data. Stemming from misconfigured access controls, the vulnerability leaves sensitive personally identifiable information (PII) exposed, including the full...
Read More

Google To Remove App From Pixel Devices Following Claims That It Made Phones Vulnerable

Google and a cybersecurity company are disputing over claims that an application on Android phones left the devices vulnerable to cyberattacks and spyware. On Thursday, cybersecurity company iVerify published a report about an Android package called "Showcase.apk”...
Read More

Microsoft Disables Bitlocker Security Fix, Advises Manual Mitigation

Microsoft has disabled a fix for a BitLocker security feature bypass vulnerability due to firmware incompatibility issues that were causing patched Windows devices to go into BitLocker recovery mode. Tracked as CVE-2024-38058, this important severity security flaw can...
Read More

Unfixed Microsoft Entra ID Authentication Bypass Threatens Hybrid IDs

Researchers have found a way to manipulate the credential validation process in Microsoft Entra ID identity environments that they say attackers can use to bypass authentication in hybrid identity infrastructures. The attack would require an adversary to have admin...
Read More

Zero-Click Exploit Concerns Drive Urgent Patching Of Windows TCP/IP Flaw

Security experts are ratcheting up the urgency for Windows sysadmins to patch a pre-auth remote code execution vulnerability in the Windows TCP/IP stack, warning that zero-click exploitation is very likely. Technical details on the vulnerability, tracked as...
Read More

Copy2Pwn Zero-Day Exploited To Bypass Windows Protections

Trend Micro’s Zero Day Initiative (ZDI) has detailed a recently patched zero-day vulnerability that cybercriminals have exploited to bypass Windows protections. The flaw, tracked as CVE-2024-38213 and named Copy2Pwn by ZDI, was fixed by Microsoft in June 2024, but it...
Read More

SolarWinds Web Help Desk Vulnerability Possibly Exploited As Zero-Day

The US cybersecurity agency CISA on Thursday warned that a fresh critical-severity vulnerability in SolarWinds Web Help Desk has been exploited in attacks. The bug, tracked as CVE-2024-28986 (CVSS score of 9.8), is described as a Java deserialization remote code...
Read More

New Banshee Stealer macOS Malware Priced At $3,000 Per Month

Cybercriminals are advertising a new macOS malware that they claim is capable of stealing a wide range of data from compromised systems. Named Banshee Stealer and believed to have been developed by Russian threat actors, the malware is advertised on cybercrime forums...
Read More