Multiple campaigns have exploited a recently disclosed OSGeo GeoServer GeoTools security flaw to deliver cryptocurrency miners, botnet malware, and a backdoor.

Veeam recently announced patches for multiple vulnerabilities in its enterprise products, including critical severity bugs that could lead to remote code execution (RCE).

According to security researchers at Patchstack, a vulnerability in the popular LiteSpeed Cache plugin for WordPress could allow attackers to retrieve user cookies and potentially take over websites.

According to security researchers at LexisNexis Risk Solutions, as many as one in four password reset attempts from desktop browsers are fraud.

Hackers have stolen over $27 million in cryptocurrency from the Penpie Decentralized Finance (DeFi) protocol. Due to the theft, Penpie has shut down withdrawals and deposits.

The UK signed the first binding international treaty regarding Artificial Intelligence (AI) ethics. Lord Chancellor Shabana Mahmood signed the "Council of Europe AI Convention" on September 5, 2024.

The US Department of Justice (DoJ) has announced the seizure of 32 Internet domains used in a pro-Russian propaganda operation named "Doppelganger." Doppelganger used various methods to drive viewership to the cybersquatted media domains, includi

Two Nigerian nationals were recently sentenced to prison in the US for operating a business email compromise (BEC) scheme.

Multiple threat groups have targeted organizations worldwide through the exploitation of two old vulnerabilities in a DrayTek product.

Security researchers discovered a new distribution mechanism for the "Lumma Stealer" infostealer malware. The mechanism is a "checker" tool used by hackers to validate stolen credentials.

Semiconductor supplier Microchip Technology recently confirmed that personal information and other types of data were stolen from its systems during a recent ransomware attack.  The company disclosed the incident on August 20.

Cisco recently announced patches for multiple vulnerabilities, including two critical-severity flaws in Smart Licensing Utility and a medium-severity Identity Services Engine flaw for which proof-of-concept (PoC) code exists.