The North Korean threat actor "ScarCruft" exploited a Windows security flaw to infect devices with the "RokRAT" malware.

According to security researchers at Symantec, RansomHub is now the number one ransomware operation in terms of claimed successful attacks.  Overall, threat actors claimed 1255 attacks in the third quarter, down slightly from 1325 in Q2.

New variants of the Android banking trojan "TrickMo" have features for stealing a device's unlock pattern or PIN.

A critical vulnerability in Kubernetes could enable unauthorized SSH access to a Virtual Machine (VM) that is running an image created with Kubernetes Image Builder.

Etay Maor, Chief Security Strategist and founding member of the Cyber Threats Research Lab (CTRL) at Cato Networks, has highlighted how both defenders and attackers could use Artificial Intelligence (AI) in their operations.

Google recently announced a fresh Chrome browser update that addresses 17 vulnerabilities, including 13 security defects reported by external researchers.

Apparel giant Varsity Brands recently disclosed a data breach impacting a significant number of individuals. Varsity provides uniforms, apparel, and services for sports teams, schools, and student-athletes.

A research team led by Wang Chao from Shanghai University has presented a method involving the use of D-Wave's quantum annealing systems to crack classic encryption.

Researchers at Trend Micro have discovered that threat actors are using the open source "EDRSilencer" tool to evade Endpoint Detection and Response (EDR) systems.

The Entrust Cybersecurity Institute found that many organizations have not begun post-quantum threat preparations despite the National Institute of Standards and Technology's (NIST) recent publication of post-quantum standards.

According to Fortinet's recent threat report, cybercriminals, hacktivists, and nation-state actors have threatened to disrupt or take advantage of the US election.

Researchers from the University of Texas at Austin's SPARK Lab have identified "ConfusedPilot," a new cyberattack that targets Retrieval-Augmented Generation (RAG)-based Artificial Intelligence (AI) systems such as Microsoft 365 Copilot.