According to researchers at the University of the Republic of Uruguay, hackers can apply Artificial Intelligence (AI) to spy on a user's display by capturing leaked electromagnetic radiation from a PC's HDMI cable.

The nation-state threat actor "SideWinder" is behind a new cyber espionage campaign targeting ports and maritime facilities in the Indian Ocean and Mediterranean Sea.

The new red team post-exploitation framework "Specula," released by the cybersecurity company TrustedSec, uses Microsoft Outlook as a Command-and-Control (C2) beacon for Remote Code Execution (RCE).

According to Microsoft's threat intelligence team, ransomware groups are exploiting a critical vulnerability in ESXi hypervisors to gain full administrative access on domain-joined systems less than a week after VMware shipped patches for the fla

IBM released its annual "Cost of a Data Breach Report," which revealed that the global average cost of a data breach hit $4.88 million in 2024, as breaches become more disruptive and place additional demands on cyber teams.

Cybercriminals are selling stolen Generative Artificial Intelligence (GenAI) platform account credentials on underground markets.

In a massive scam campaign dubbed "EchoSpoofing" by Guardio Labs, an unknown threat actor has sent millions of messages spoofing Best Buy, IBM, Nike, Walt Disney, and other popular companies by exploiting an email routing misconfiguration in email secu

On the 270th day after President Biden's Executive Order (EO) on the Safe, Secure, and Trustworthy Development of Artificial Intelligence (AI), the US Department of Commerce announced the release of new guidance and software to help improve the safety,

Phishing campaigns involving Microsoft Forms have increased to steal Microsoft 365 login credentials. Threat actors use breached business partners' and vendors' email accounts to send phishing emails.

Researchers at Salt Labs have discovered and published details of a Cross-Site Scripting (XSS) attack that could affect millions of websites worldwide.

Threat actors are abusing a Selenium Grid misconfiguration to deploy a modified XMRig tool for Monero cryptocurrency mining.

According to Binarly, there is a Secure Boot issue affecting hundreds of computer models. The vulnerability, called "PKfail," enables attackers to run malicious code during the device's boot process.