Morse Corp Inc., a Massachusetts-based defense contractor, has agreed to pay $4.6 million to resolve allegations of cybersecurity fraud under the False Claims Act.

Phishing or similar-looking websites or email addresses continues to be the favourite weapon for hackers. To make things worse, phishing kits, which offer phishing-as-a-service (PhaaS), are made easily available in the dark web, lowering the bar in launching phishing attacks.

YouTube videos promoting game cheats are being used to deliver a previously undocumented stealer malware called Arcane likely targeting Russian-speaking users.

Microsoft is calling attention to a novel remote access trojan (RAT) named StilachiRAT that it said employs advanced techniques to sidestep detection and persist within target environments with an ultimate aim to steal sensitive data.

Indian IT services provider Infosys (INFY.NS), opens new tab on Friday said it had reached an agreement with the plaintiffs of lawsuits pending against its U.S. unit over the 2023 cyber incident.

Two high-severity security flaws have been disclosed in the open-source ruby-saml library that could allow malicious actors to bypass Security Assertion Markup Language (SAML) authentication protections.

The threat actor known as Dark Caracal has been attributed to a campaign that deployed a remote access trojan called Poco RAT in attacks targeting Spanish-speaking targets in Latin America in 2024.

The cybersecurity company is tracking the activity cluster under the name TGR-UNK-0011 (short for a threat group with unknown motivation), which it said overlaps with a group known as JavaGhost.

The threat actor known as Sticky Werewolf has been linked to targeted attacks primarily in Russia and Belarus with the aim of delivering the Lumma Stealer malware by means of a previously undocumented implant.

The Federal Bureau of Investigation said on Wednesday that North Korea was responsible for the theft of approximately $1.5 billion in virtual assets from cryptocurrency exchange ByBit.

"Its first known variant since 2022, this latest XCSSET malware features enhanced obfuscation methods, updated persistence mechanisms, and new infection strategies," the Microsoft Threat Intelligence team said in a post shared on X.

Cybersecurity researchers have flagged a credit card stealing malware campaign that has been observed targeting e-commerce sites running Magento by disguising the malicious content within image tags in HTML code in order to stay under the radar.

Palo Alto Networks has addressed a high-severity security flaw in its PAN-OS software that could result in an authentication bypass. The vulnerability, tracked as CVE-2025-0108, carries a CVSS score of 7.8 out of 10.0. The score, however, drops to 5.1 if access to the management interface is restricted to a jump box.

Apple on Monday released out-of-band security updates to address a security flaw in iOS and iPadOS that it said has been exploited in the wild. Assigned the CVE identifier CVE-2025-24200 (CVSS score: 4.6), the vulnerability has been described as an authorization issue that could make it possible for a malicious actor to disable USB Restricted Mode on a locked device as part of a cyber physical attack.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned that a security flaw impacting Trimble Cityworks GIS-centric asset management software has come under active exploitation in the wild.

Privileged Access Management (PAM) has emerged as a cornerstone of modern cybersecurity strategies, shifting from a technical necessity to a critical pillar in leadership agendas. With the PAM market projected to reach $42.96 billion by 2037 (according to Research Nester), organizations invest heavily in PAM solutions.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a second security flaw impacting BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) products to the Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild.

The problem lies within a feature designed to enhance user safety: displaying the origin of a website in the operating system’s file selector dialogue during file uploads or downloads.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday placed a now-patched security flaw impacting the popular jQuery JavaScript library to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.

Imagine receiving a penetration test report that leaves you with more questions than answers. Questions like, "Were all functionalities of the web app tested?" or " Were there any security issues that could have been identified during testing?"

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a second security flaw impacting BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) products to the Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild.

Microsoft has revealed that it's pursuing legal action against a "foreign-based threat–actor group" for operating a hacking-as-a-service infrastructure to intentionally get around the safety controls of its generative artificial intelligence (AI) services and produce offensive and harmful content.

Japan's National Police Agency (NPA) and National Center of Incident Readiness and Strategy for Cybersecurity (NCSC) accused a China-linked threat actor named MirrorFace of orchestrating a persistent attack campaign targeting organizations, businesses, and individuals in the country since 2019.

The U.S. government on Tuesday announced the launch of the U.S. Cyber Trust Mark, a new cybersecurity safety label for Internet-of-Things (IoT) consumer devices.

In a detailed report from Team Axon—led by Alon Klayman and Uri Kornitzer—researchers have revealed on a sophisticated campaign targeting Chrome extension developers. This operation exemplifies the evolving nature of cyber threats, combining phishing, credential theft, and malicious code injection to compromise both developers and end users.

The United States Department of Health and Human Services' (HHS) Office for Civil Rights (OCR) has proposed new cybersecurity requirements for healthcare organizations with an aim to safeguard patients' data against potential cyber attacks.

Hackers have compromised several different companies' Chrome browser extensions in a series of intrusions dating back to mid-December, according to one of the victims and experts who have examined the campaign.

The dual-use nature of AI has created a great deal of risk to organizations as cybercriminals increasingly harness the power of AI to perpetrate highly sophisticated attacks. AI-powered malware can change its behavior in real-time.

Despite its popularity, the phishing-as-a-service platform Rockstar2FA suffered a partial collapse in November 2024 due to technical issues, allowing the new phishing toolkit FlowerStorm to emerge, according to Sophos MD.

The intersection of hacking and activism, commonly known as hacktivism, has transformed into a formidable force in the digital era. Trellix’s latest report explores how these groups are increasingly intertwined with the geopolitical ambitions of nation-states.

A detailed report from Group-IB reveals a sophisticated global phishing campaign targeting employees across 30 companies in 15 jurisdictions. By leveraging trusted domains and dynamic personalization, the threat actors have successfully exploited Secure Email Gateways (SEGs) and deceived victims across diverse industries, including finance, government, aerospace, and energy.

In today's rapidly evolving threat landscape, safeguarding your organization against cyberattacks is more critical than ever. Traditional penetration testing (pentesting), while effective, often falls short due to its high costs, resource requirements, and infrequent implementation.

Many organizations struggle with password policies that look strong on paper but fail in practice because they're too rigid to follow, too vague to enforce, or disconnected from real security needs.

Signzy, a popular vendor offering online “know your customer” ID verification and customer onboarding services to several top financial institutions, commercial banks, and fintech companies, has confirmed a security incident, TechCrunch can exclusively report.

A security researcher uncovered a critical macOS vulnerability involving privilege escalation in Apple’s MallocStackLogging framework, which had gone undetected for nearly 20 years. The bug, tracked as CVE-2023-32428, was discovered in March 2023 and subsequently patched by Apple in October.

The Russia-aligned threat actor known as RomCom has been linked to the zero-day exploitation of two security flaws, one in Mozilla Firefox and the other in Microsoft Windows, as part of attacks designed to deliver the eponymous backdoor on victim systems.

The malware known as Ngioweb has been used to fuel a notorious residential proxy service called NSOCKS, as well as by other services such as VN5Socks and Shopsocks5, new findings from Lumen Technologies reveal.

What do hijacked websites, fake job offers, and sneaky ransomware have in common? They're proof that cybercriminals are finding smarter, sneakier ways to exploit both systems and people.

In today’s rapidly evolving digital landscape, cyber security has emerged as a paramount concern for organizations across all sectors.

At Recorded Future, we believe cybersecurity training should be engaging and effective. That's why we incorporate gamification into our annual and quarterly tabletop exercises.

After years of booming growth, the AI industry is now experiencing a significant slowdown in investment, as detailed in a recent report from Stanford’s Institute for Human-Centered Artificial Intelligence (HAI).

Enterprises and other large organizations have long been a lucrative and obvious target for cybercriminals, but in recent years — thanks to more sophisticated breach techniques.

There’s long existed a divide in the world of computer hacking between those who are taking a malicious approach to crack a system.

Indeed reports that almost one in five jobs are highly exposed to generative AI. The technology has proved advantageous for cybersecurity careers, automating threat data analysis and allowing cybersecurity professionals to focus more on mitigating the risks.