cybersecurity threats

North Korean IT workers have long infiltrated Western tech firms, generating billions for their government, and have recently expanded into…

NSO Group, the developer of Pegasus spyware, is nearing acquisition by a U.S. consortium led by Robert Simonds, pending Israeli…

Legitimate open-source tools Velociraptor and Nezha are being weaponized by threat actors to maintain access, evade detection, and deploy ransomware…

Cybercriminals are leveraging AI to create sophisticated spam, malicious code, and phishing campaigns, while also directly targeting AI systems to…

Trinity of Chaos, a ransomware collective with ties to major cybercrime groups, has launched a TOR-based data leak site listing…

XWorm malware has evolved with ransomware capabilities and over 35 plugins, distributed by multiple threat actors through phishing campaigns after…

Cybersecurity threats are intensifying due to unpatched devices and supply chain compromises, as seen in attacks on Cisco firewalls and…

North Korea's covert IT worker program has expanded beyond targeting American tech and cryptocurrency firms to now include a wide…

Approximately 48,000 Cisco ASA devices remain vulnerable to active zero-day attacks, posing ongoing risks globally, with the majority located in…

The BRICKSTORM espionage campaign targets legal, technology, SaaS, and BPO firms to steal intellectual property and sensitive data, requiring immediate…

A wave of sophisticated cyberattacks is exploiting newly discovered zero-day vulnerabilities in critical enterprise infrastructure, including Cisco's ASA and Fortra's…

Ransomware attacks have surged dramatically, with a 20% increase in victims in the first half of the year, driven by…

The Scattered Spider hacking group poses a severe threat to businesses by using sophisticated methods like social engineering and ransomware,…

A new ransomware called "Obscura," discovered in late August 2025, uses domain infrastructure to stealthily spread across corporate networks by…

Obsidian Security has launched a new defense system specifically designed to secure AI agents in SaaS environments, addressing the security…

One in three UAE companies has faced spoofing or deepfake attacks, highlighting a major shift toward sophisticated impersonation tactics as…

A decade-old security flaw known as the pixie dust attack continues to threaten networks by exploiting weaknesses in the Wi-Fi…

A self-replicating worm named Shai-Hulud has infected hundreds of open-source JavaScript packages on NPM, actively seeking credentials to spread further…

Cybersecurity leaders are grappling with AI's dual role as both a critical defense tool and a vulnerability, with widespread adoption…

Neglected assets, such as abandoned cloud instances and outdated technology, expand the attack surface by providing easy entry points for…