Alerts

A trio of security flaws open the door to remote-code execution and a malware tsunami.

Purchase automation software delivered shortened URLs without protections.

"We hereby keep a right (sic) to forward all of the relevant documentation and data to military agencies of our choise (sic)" REvil reportedly wrote.

CD Projekt Red confirmed that employee and game-related data appears to be floating around the cyber-underground, four months after a hack on the Witcher and Cyberpunk 2077 developer.

Airlines are warned to scour networks for traces of the campaign, likely the work of APT41, lurking in networks.

There were more than 80 million login credentials for sale, used to inflict over $200 million in losses in the U.S. alone.

Raft of other proprietary game data and related software and developer kits also pilfered in the unspecified attack, which the company is investigating.

The group, known for masquerading as various APT groups, is back with a spate of attacks on U.S. companies.

Google has patched its Chrome browser, fixing one critical cache issue and a second bug being actively exploited in the wild.

The desktop conferencing IoT gadget allows remote attackers to install all kinds of malware and move laterally to other parts of enterprise networks.

Misconfigured dashboards are yet again at the heart of a widespread, ongoing cryptocurrency campaign squeezing Monero and Ethereum from Kubernetes clusters.

Emerging malware is lurking in Steam profile images.

The decision to pay the ransom demanded by the cybercriminal group was to avoid any further issues or potential problems for its customers, according to the company’s CEO.

A nameless malware resulted in a huge data heist of files, credentials, cookies and more that researchers found collected into a cloud database.

The higher-rated advisories focus on privilege-escalation bugs in CPU firmware: Tough to patch, hard to exploit, tempting to a savvy attacker.

Attackers accessed a VPN account that was no longer in use to freeze the company’s network in a ransomware attack whose repercussions are still vibrating.

Researchers discovered a highly targeted malware campaign launched in April, in which a new, unknown threat actor used two of the vulnerabilities that Microsoft said are under active attack.

Socially engineered BEC attacks using X-rated material spike 974 percent.

A Latvian malware developer known as "Max" has been arraigned on 19 counts related to fraud, identity theft, information theft and money laundering.

Google's June security bulletin addresses 90+ bugs in Android and Pixel devices.