Sep 24, 2025Ravie LakshmananMalware / Windows Security Cybersecurity researchers have disclosed details of a new malware family dubbed YiBackdoor that has been found to share “significant” source code overlaps with IcedID and Latrodectus. “The exact…
Think payment iframes are secure by design? Think again. Sophisticated attackers have quietly evolved malicious overlay techniques to exploit checkout pages and steal credit card data by bypassing the very security policies designed to stop…
Cloud security company Wiz has revealed that it uncovered in-the-wild exploitation of a security flaw in a Linux utility called Pandoc as part of attacks designed to infiltrate Amazon Web Services (AWS) Instance Metadata Service…
Sep 24, 2025Ravie LakshmananVulnerability / Email Security Libraesva has released a security update to address a vulnerability in its Email Security Gateway (ESG) solution that it said has been exploited by state-sponsored threat actors. The…
Sep 23, 2025Ravie LakshmananFirmware Security / Vulnerability Cybersecurity researchers have disclosed details of two security vulnerabilities impacting Supermicro Baseboard Management Controller (BMC) firmware that could potentially allow attackers to bypass crucial verification steps and update…
Sep 23, 2025Ravie LakshmananFinancial Crime / Cryptocurrency Law enforcement authorities in Europe have arrested five suspects in connection with an “elaborate” online investment fraud scheme that stole more than €100 million ($118 million) from over…
Sep 23, 2025Ravie LakshmananNational Security / Threat Intelligence The U.S. Secret Service on Tuesday said it took down a network of electronic devices located across the New York tri-state area that were used to threaten…
Sep 23, 2025Ravie LakshmananVulnerability / Data Security SolarWinds has released hot fixes to address a critical security flaw impacting its Web Help Desk software that, if successfully exploited, could allow attackers to execute arbitrary commands…
Big companies are getting smaller, and their CEOs want everyone to know it. Wells Fargo has cut its workforce by 23% over five years, Bank of America has shed 88,000 employees since 2010, and Verizon’s…
Cybersecurity researchers have disclosed details of a new botnet that customers can rent access to conduct distributed denial-of-service (DDoS) attacks against targets of interest. The ShadowV2 botnet, according to Darktrace, predominantly targets misconfigured Docker containers…