A new supply chain attack technique named "Revival Hijack" by the software supply chain security company JFrog has been used in the wild to infiltrate downstream organizations.

Cisco's site for selling company-themed merchandise has temporarily been taken down due to hackers compromising it with JavaScript code that steals sensitive customer details entered at checkout.

The frequency, severity, and costs of ransomware attacks continue to grow. Recent reports show rising attacks on healthcare, manufacturing, and other critical sectors.

Microsoft is experimenting with a new security mitigation to combat the rise in cyberattacks involving the exploitation of vulnerabilities in the Windows Common Log File System (CLFS).

Last month, a North Korean intelligence threat actor exploited two novel vulnerabilities to steal from the cryptocurrency industry and fund the Kim Jong Un regime.

YubiKey security keys can be cloned through a side-channel attack involving the exploitation of a vulnerability in a third-party cryptographic library. The attack called "Eucleak" was demonstrated by NinjaLab.

Threat actors are using MacroPack, a tool designed for red team exercises, to deploy malware. Cisco Talos researchers discovered several related Microsoft documents uploaded to VirusTotal between May and July 2024.

The White House has released a roadmap to address Internet routing security issues, specifically Border Gateway Protocol (BGP) vulnerabilities.

In a new update, US oil service giant Halliburton confirmed corporate data was stolen from its computer systems during an August ransomware cyberattack.  The company noted that it is evaluating the nature and scope of the information.

Zyxel recently announced patches for multiple vulnerabilities in its networking devices, including a critical severity flaw affecting multiple access points (AP) and security router models.

According to a new study led by the University of Minnesota School of Public Health, although ransomware attacks are more likely in urban areas, operational disruptions may have a greater impact on financially vulnerable rural hospitals and their patie

The Federal Bureau of Investigation (FBI) warns of North Korean hacking groups performing sophisticated social engineering attacks against cryptocurrency companies and their employees to launch malware aimed at stealing cryptocurrency assets.