Security researchers at a company called Menlo Security, have uncovered an active malware campaign that utilizes HTML smuggling to deliver malware, effectively bypassing various network security solutions, including sandboxes, legacy proxies, and…

Hackers used a social engineering technique called "phone spear phishing," also known as "vishing" or "voice phishing," in an attempt to compromise more than 100 Twitter accounts belonging to high-profile users, including CEOs, celebrities, and…

Researchers at Risk Based Security have discovered that the number of publicly reported data breaches is at its lowest in five years.  However, the number of records exposed is more than four times higher than any previously reported time period.…

Security researchers have discovered cryptocurrency mining malware capable of stealing AWS credentials from infected servers. The malware was observed being used by TeamTNT, a cybercrime group that targets Docker installations. According to researchers,…

The Cybersecurity and Infrastructure Security Agency (CISA) has published an alert to provide information on attacks delivering the KONNI remote access Trojan (RAT).  Phishing emails are being sent delivering Microsoft Word documents that contain…

Researchers at Wordfence have discovered two critical flaws in a WordPress plugin called Quiz and Survey Master, which is actively installed on over 30,000 websites.  The two critical flaws that were discovered include an arbitrary file-upload…

Army researchers were awarded a patent for their invention of a practical method that could be used to improve the security of communications between Army wireless devices. The technique enables simultaneous, covert verification of wireless…

Security researchers at Char49 found vulnerabilities in version 6.9.25 of Samsung's Find My Mobile (FMM) service. The FMM application is intended to help users locate their Samsung devices if they lose them. The exploitation of these vulnerabilities…

A security researcher discovered the online exposure of a medical software company's database containing personal information belonging to more than 3.1 million patients. The unsecured database appears to belong to Adit, a developer of online booking and…

A recently fixed vulnerability in Amazon's voice assistant Alexa is a reminder that users should delete their Alexa voice history regularly. The vulnerability discovered by Check Point researchers could have allowed hackers to view a user's voice chat…

Researchers at Sonatype have found that there has been a massive 430 percent surge in next generation cyberattacks aimed at actively infiltrating open source software supply chains.  There were 929 next generation software supply chain attacks…

A researcher claims that hackers took control over a part of the endpoint infrastructure used by the anonymizing internet browser Tor to route traffic. According to the researcher, attackers manipulated Tor traffic and mined cryptocurrency using Tor exit…