The French security company Quarkslab found a major backdoor in millions of contactless cards made by Shanghai Fudan Microelectronics Group, a leading Chinese chip manufacturer.

The US Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Jenkins vulnerability to its Known Exploited Vulnerabilities (KEV) catalog. The exploitation of this flaw enables Remote Code Execution (RCE).

The Iranian-linked threat actor "TA453," also known as "Charming Kitten," has been using a PowerShell-based malware toolkit named "BlackSmith" in a sophisticated phishing attack.

US intelligence officials are confident that Iran was behind hacks against the Trump and Biden-Harris presidential campaigns. Tehran is believed to be using the hacks to influence American politics and the election.

According to a new report by the UK backup solutions provider Databarracks, more organizations than ever before have subscribed to cyber insurance, but the number of claims is declining.

According to the WordPress security company Defiant, the GiveWP WordPress plugin contains a critical vulnerability that enables Remote Code Execution (RCE) and arbitrary file deletion on over 100,000 websites.

According to security researchers at Chainalysis, ransomware payments and stolen cryptocurrency have increased in the first half of 2024.

The Mandiant Managed Defense team has discovered an increase in malware infections caused by malvertising campaigns that distribute a loader named "FakeBat," also known as "EugenLoader" and "PaykLoader." The researchers consider these attacks "op

New York City-based nonprofit healthcare organization Jewish Home Lifecare has recently revealed that a data breach disclosed earlier this year impacted more than 100,000 individuals.

"Xeon Sender," a cloud-based tool, helps attackers launch large-scale SMS spam and phishing campaigns using legitimate Software-as-a-Service (SaaS) providers.

Researchers at Gen Threat Labs have linked the exploitation of one of the zero-days recently patched by Microsoft to North Korea's "Lazarus" Advanced Persistent Threat (APT) group.

The Oregon Zoo recently notified roughly 118,000 individuals that their names and payment card information were stolen from its online ticketing service.