News
- "Hackers Target New MOVEit Transfer Critical Auth Bypass Bug" Threat actors are exploiting a new critical authentication bypass flaw in Progress MOVEit Transfer, which is a Managed File Transfer (MFT) solution used to securely transfer files between business partners and customers.
- "Siemens Sicam Vulnerabilities Could Facilitate Attacks on Energy Sector" Siemens recently patched several vulnerabilities in some of its Sicam products that could be exploited in attacks against the energy sector.
- "Novel Banking Malware Targets Customers in Southeast Asia" Promon research highlights a new malware strain called "Snowblind" targeting banking customers in Southeast Asia. The new malware disables Android banking apps' ability to detect malicious modifications, thus avoiding detection.
- "Credential Stuffing Attack Hits 72,000 Levi’s Accounts" Levi's recently announced that tens of thousands of their customers may have had their accounts compromised after a credential stuffing attack.
- "Several Plugins Compromised in WordPress Supply Chain Attack" According to security researchers at Defiant, malicious code injected over the past week in five WordPress plugins creates a new administrative account.
- "NIST Launches Collaborative Research Effort on Digital Identity to Support Secure Delivery of Public Benefits" The National Institute of Standards and Technology (NIST) has launched a collaborative project to adapt its digital identity guidelines to support public benefits programs, such as those that help beneficiaries pay for food, housing, and more.
- "'P2PInfect' Worm Grows Teeth With Miner, Ransomware & Rootkit" "P2PInfect" is a worm that uses the Redis in-memory database application to spread across networks in a peer-to-peer, worm-like way, building a botnet in the process.
- "New Attack Technique Exploits Microsoft Management Console Files" Threat actors are using a new attack method involving specially crafted Management Saved Console (MSC) files to gain full code execution through Microsoft Management Console (MMC) and dodge security defenses.
- "Polyfill.io JavaScript Supply Chain Attack Impacts Over 100K Sites" A polyfill.io supply chain attack has affected over 100,000 websites after a Chinese company bought the domain and the script was modified to redirect users to malicious websites.
- "Why Are Threat Actors Faking Data Breaches?" Etay Maor, Chief Security Strategist at Cato Networks, provides his insights into threat actors faking data breaches. Most likely, hackers sell fake data to make more money, according to Maor.
- "Recent Zyxel NAS Vulnerability Exploited by Botnet" The Shadowserver Foundation warns that botnet attacks are exploiting a recently disclosed critical-severity vulnerability in discontinued Zyxel NAS devices. The code injection flaw can be exploited remotely without authentication.
- "New Medusa Trojan Variant Emerges with Enhanced Stealth Features" New fraud campaigns have used the "Medusa" banking Trojan, also known as "TangleBot." Cleafy researchers recently reported that this sophisticated malware family, first discovered in 2020, has returned with significant changes.