Автор: Jai Vijayan, Contributing Writer

The threat group’s goal is to help Pyongyang assess risk to its troops deployed in Ukraine and to figure out if Moscow might want more.

The security researcher who questioned the effectiveness of a patch for recently disclosed bug in Commvault Command Center did not test patched version, the company says.

Previously, Microsoft reported that Storm-2460 had also used the privilege escalation bug to deploy ransomware on organizations in several countries.

CISA added CVE-2025-34028 to its catalog of known exploited vulnerabilities, citing active attacks in the wild.

CISA added CVE-2025-34028 to its catalog of known exploited vulnerabilities, citing active attacks in the wild.

The chat infrastructure and data-leak site of the notorious ransomware-as-a-service group has been inactive since March 31, according to security vendors.

Thousands of automatic tank gauge (ATG) devices are accessible over the Internet and are just "a packet away" from compromise, security researcher warns at 2025 RSAC Conference.

CVE-2025-31324 is a maximum severity bug that attackers exploited weeks before SAP released a patch for it.

CVE-2025-31324 is a maximum severity bug that attackers exploited weeks before SAP released a patch for it.

Though already patched, the vulnerability is especially problematic because of the highly privileged access it offers to business-critical systems, sensitive data, and backups for attackers.