Researchers expose new WordPress malware and ClickFix phishing kits exploiting cache smuggling for stealth attacks.

Researchers from NC State University have identified the first hardware vulnerability that allows attackers to compromise the data privacy of artificial intelligence (AI) users by exploiting the ...

A pro-Russian hacktivist group called TwoNet pivoted in less than a year from launching distributed denial-of-service (DDoS) attacks to targeting critical infrastructure. Recently, the threat actor ...

Qilin, a ransomware group with a track record of cyberattacks on major entities around the world, claimed responsibility on Tuesday for a hack on Japan's Asahi Group Holdings that disrupted production ...

Threat actors are actively exploiting a critical vulnerability in the Service Finder WordPress theme that allows them to bypass authentication and log in as administrators.

The access afforded by the ANTSWORD web shell is then used to run the "whoami" command to determine the privileges of the web server and deliver the open-source Nezha agent, which can be used to ...

Scattered LAPSUS$ Hunters is now using the data stolen from dozens of Salesforce customers' instances to extort Salesforce itself.

Cybercriminals are hijacking trusted remote monitoring and management tools to bypass defenses, gain persistent access and quietly stage ransomware attacks. Experts ...

Infinex is trialing a browser extension enabling users to login to crypto DApps using passkeys and phones. But is it as safe as a hardware wallet?