Researchers have discovered a new campaign spreading an updated version of the "ValleyRAT" malware. According to Zscaler ThreatLabz, the latest version includes screenshot capturing, process filtering, Windows event log clearing, and more.

The "TellYouThePass" ransomware group has been using PHP's recently patched Remote Code Execution (RCE) vulnerability to deliver web shells and execute the encryptor payload.

Redfox Security warns that discontinued Netgear WNR614 routers contain vulnerabilities that enable attackers to bypass authentication, intercept communications, and steal credentials.

Apple recently updated visionOS, the operating system powering its Vision Pro virtual reality headset, to version 1.2, which addresses several vulnerabilities, including what may be the first security flaw that is specific to this product.

British semiconductor giant Arm has recently warned customers about a memory safety bug in Mali GPU kernel drivers that has been exploited in the wild.

Researchers from the University of Illinois Urbana-Champaign found that GPT-4-powered teams of bots can scan websites for zero-day vulnerabilities and attack them with 53 percent success.

A new Commonwealth Cyber Initiative (CCI)-funded inclusive cybersecurity program in Virginia is helping people feel safer and more secure on computer networks and other devices.

Cisco's Talos research and threat intelligence unit found 15 vulnerabilities impacting AutomationDirect’s Productivity series Programmable Logic Controllers (PLCs). The vulnerabilities are all classified as being of high or critical severity.

According to Forescout's "The Riskiest Connected Devices in 2024" report, the number of Internet of Things (IoT) devices with vulnerabilities has increased by 136 percent.

Security researchers at Huntr discovered a critical-severity vulnerability in the PyTorch machine learning library that could be exploited for remote code execution.

An anonymous threat actor has recently posted what they claim to be 270GB of source code stolen from the New York Times.  The alleged leak was first spotted by security researchers at vx-underground.

In a new update, Auction house Christie’s informed authorities that the data breach caused by a recent ransomware attack impacted the information of roughly 45,000 individuals.  The intrusion was discovered on May 9.