Автор: Rob Wright

Exposed data from LockBit’s affiliate panel includes Bitcoin addresses, private chats with victim organizations, and user information such as credentials.

Cyber-insurance carrier Coalition said business email compromise and funds transfer fraud accounted for 60% of claims in 2024.

While law enforcement has identified and arrested several alleged members, the notorious threat group continues to wreak havoc.

The technology giant said two zero-day vulnerabilities were used in attacks on iOS devices against "specific targeted individuals," which suggests spyware or nation-state threat activity.

Gladinet’s platform is widely used among managed service providers, and a critical deserialization flaw could put MSP customers in jeopardy.

Attacks on a critical authentication bypass flaw in CrushFTP’s file transfer product continue this week after duplicate CVEs sparked confusion.

CrushFTP CEO Ben Spink slammed several cybersecurity companies for creating confusion around a critical authentication bypass flaw that’s currently under attack.

Based on the open source NGINX Web server, the malicious tool allows threat actors to steal user credentials and session tokens.

Popularity of the generative AI platform makes it an obvious choice for cybercriminals abusing Google-sponsored search results, according to researchers.

Cybersecurity vendors say threat actors’ abuse of traffic distribution systems (TDS) is becoming more complex and sophisticated — and much harder to detect and block.