Claroty's Team82 uncovered a security vulnerability in Rockwell Automation's ControlLogix 1756 devices that could expose critical infrastructure to cyberattacks on the Operational Technology (OT) controlling physical processes.

The US Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) have released "Secure by Demand Guide: How Software Customers Can Drive a Secure Technology Ecosystem" to help organizations purchasing software un

Check Point Research warns that over 20,000 Ubiquiti devices are exposed on the Internet, revealing informational data, including their platform names, configured IP addresses, and more, due to a five-year-old bug.

The Ransomware-as-a-Service (RaaS) operator "Hunters International" is using a new Remote Access Trojan (RAT) named "SharpRhino." According to researchers at Quorum Cyber, the malware is delivered through a typosquatting domain impersonating the legiti

According to South Korea's National Cyber Security Center (NCSC), Democratic People's Republic of Korea (DPRK) state-sponsored hackers have exploited vulnerabilities in a Virtual Private Network's (VPN) software update to install malware and infiltrate

In the first half of 2024, 22,254 Common Vulnerabilities and Exposures (CVEs) were reported, up 30 percent from last year. According to Qualys' "2024 Midyear Threat Landscape Review" just 0.91 percent of the reported CVEs were weaponized.

The cloud computing company Amazon Web Services (AWS) uses a massive neural network graph model with 3.5 billion nodes and 48 billion edges to quickly detect malicious domains crawling its infrastructure.

In an update, Electronics manufacturing services firm Keytronic revealed that a recent ransomware attack resulted in additional expenses and lost revenue totaling more than $17 million.

The "Chameleon" malware has returned with a new campaign against an international restaurant chain, with a focus on the European and Canadian regions.

INTERPOL's "global stop-payment mechanism" helped recover millions of dollars in funds defrauded in a large Business Email Compromise (BEC) scam. The move follows a mid-July 2024 BEC scam at a Singapore commodity company.

Pharmaceutical company Cencora recently confirmed in an update on July 31 that sensitive personal and health data was exfiltrated during a cyberattack in February 2024.

The Grand Palais' IT director observed unusual activity on the museum's systems on the night of August 3-4 and discovered that it was due to a ransomware attack targeting systems used to "centralize financial data" for approximately 40 museums in Franc