Recent attacks on customer accounts hosted by the Snowflake data warehousing platform suggest that threat actors are shifting to targeting Software-as-a-Service (SaaS) application environments.

According to a new Barracuda report, in 2023, about 92 percent of organizations faced an average of six credential compromises due to email-based social engineering attacks.

According to G Data CyberDefense, a backdoor dubbed "BadSpace" is being distributed using a multi-stage attack chain involving infected WordPress websites.

According to Action1, threat actors are increasingly targeting edge devices known as load balancers. A load balancer distributes connections from clients between a set of servers.

A malware distribution campaign uses fake Google Chrome, Word, and OneDrive errors to trick users into installing malware through malicious PowerShell "fixes." The new campaign has been used by multiple threat actors, including those behind "ClearFake,

Proofpoint researchers warn of a clever social engineering method to deliver malware.

Sygnia reports that a Chinese state-sponsored threat actor dubbed "Velvet Ant" used a legacy F5 BIG-IP appliance to access a victim organization's network for three years.

Rochester Institute of Technology (RIT) researchers created CTIBench, the first benchmark designed for assessing the performance of Large Language Models (LLMs) in Cyber Threat Intelligence (CTI) applications.

A team of researchers from Seoul National University, Samsung Research, and the Georgia Institute of Technology revealed a new speculative execution attack called "TikTag" targeting a hardware security feature in Arm CPUs.

Truist Bank has recently confirmed that its systems were breached in an October 2023 cyberattack after a threat actor posted some of the company's data for sale on a hacking forum.

In a new study conducted by researchers at Salt Security, 250 respondents were pooled across various job responsibilities, industries, and company sizes globally to compile a new report titled "State of API Security Report 2024." The researchers found

Security researchers at Insikt Group recently observed a widespread malicious campaign targeting cryptocurrency users and involving Vortax, a fake virtual meeting software.