Chinese-speaking users are the target of an ongoing campaign that distributes malware known as ValleyRAT. "ValleyRAT is a multi-stage malware that utilizes diverse techniques to monitor and control its victims and deploy arbitrary plugins to cause further damage,"...

CISA Director Jen Easterly highlighted the importance of not glamorizing threat actors, urging defenders to focus on detecting and responding to malicious tactics rather than being fixated on the threat groups themselves.

SaaS applications have become indispensable for organizations aiming to enhance productivity and streamline operations. However, the convenience and efficiency these applications offer come with inherent security risks, often leaving hidden gaps that can be exploited....

A cybercrime group linked to RansomHub ransomware has been seen using a new EDR-killing tool, named EDRKillShifter, to disable endpoint detection and response software on compromised hosts.

The GitHub vulnerability named 'ArtiPACKED' exposes repositories to potential takeovers. This attack vector in GitHub Actions artifacts could allow malicious actors to compromise services by leaking tokens due to misconfigurations and security flaws.

Cybersecurity researchers have uncovered new stealer malware that's designed to specifically target Apple macOS systems. Dubbed Banshee Stealer, it's offered for sale in the cybercrime underground for a steep price of $3,000 a month and works across both x86_64 and...

Kiteworks (formerly Accellion) secured $456 million in private equity funding. The investment from Insight Partners and Sixth Street Growth will support Kiteworks' acquisitions, including four smaller enterprise startups since 2022.

A spear-phishing campaign targeting Russian government dissidents and Western organizations, attributed to the Russian FSB and threat actor COLDRIVER, uses personalized social engineering tactics to gain access to online accounts.

A large percentage of Google's own Pixel devices shipped globally since September 2017 included dormant software that could be used to stage nefarious attacks and deliver various kinds of malware. The issue manifests in the form of a pre-installed Android app called...

A major cyberattack struck the Central Bank of Iran and other Iranian banks, causing disruptions. The incident, reported by Iranian news outlets and Iran International, resulted in the crippling of the banks' computer systems.