The group compromised at least 10 regional organizations, including two state-owned entities, and deployed a new backdoor.
Attackers don't need any special authentication to reach a target endpoint — they just need to know where it is.
As AI reshapes cybersecurity workflows, John Paul Cunningham, CISO at SIlverfort, says there are more ways than ever to break ...
LLMs consistently hallucinate Web domains for legitimate brands that attackers can register for malicious activity in a difficult-to-detect attack vector.
From the FIFA World Cup to the United States' sesquicentennial celebration, this year's event calendar is packed with high-profile gatherings drawing global audiences, intense scrutiny, and enormous ...
Security professional with experience in corporate security, open-source intelligence, threat & risk assessments, and physical and infosec investigations.
Separate but similar campaigns described by Microsoft and Trend Micro use malicious zip files to spread malware via social ...
The infostealer was delivered via CVE-2026-48558, a critical authentication bypass vulnerability in SimpleHelp.
Iran, Russia, and China target water systems through weak passwords and exposed PLCs/HMIs, aiming for psychological impact ...
One critical vulnerability, among many discovered by a researcher, could have allowed anyone to walk in and take over a ...
Adversaries could plant a malicious repository that executes arbitrary code and steals cloud credentials, showcasing MCP risk ...
Cisco's recent acquisitions of Astrix Security and WideField Security will help enterprises secure AI agents and non-human ...