The maintainers of Python Package Index (PyPI) last week issued fixes for three vulnerabilities, one among which could be abused to achieve arbitrary code execution and...
Healthcare and education sectors are the frequent targets of a new surge in credential harvesting activity from what’s a “highly modular” .NET-based information stealer and keylogger,...
Cybersecurity researchers on Friday unmasked new command-and-control (C2) infrastructure belonging to the Russian threat actor tracked as APT29, aka Cozy Bear, that has been spotted actively...
As many as eight Python packages that were downloaded more than 30,000 times have been removed from the PyPI portal for containing malicious code, once again...
A cyber attack that derailed websites of Iran’s transport ministry and its national railway system earlier this month, causing widespread disruptions in train services, was the...
An ongoing malicious campaign that employs phony call centers has been found to trick victims into downloading malware capable of data exfiltration as well as deploying...
An unidentified threat actor has been exploiting a now-patched zero-day flaw in Internet Explorer browser to deliver a fully-featured VBA-based remote access trojan (RAT) capable of...
Two new ransomware-as-service (RaaS) programs have appeared on the threat radar this month, with one group professing to be a successor to DarkSide and REvil, the...
Business email compromise (BEC) refers to all types of email attacks that do not have payloads. Although there are numerous types, there are essentially two main...
A previously undocumented Android-based remote access trojan (RAT) has been found to use screen recording features to steal sensitive information on the device, including banking credentials,...
