The threat actor known as "TA558" has been using steganography as an obfuscation method in the delivery of a variety of malware, including Agent Tesla, FormBook, Remcos RAT, LokiBot, GuLoader, Snake Keylogger, XWorm, and more.

Fabian Baumer and Marcus Brinkmann from Ruhr University Bochum discovered a vulnerability in PuTTY 0.68 through 0.80 that enables attackers with access to 60 cryptographic signatures to recover the private key used to generate them.

The "RansomHub" ransomware group is now publishing data allegedly stolen from the healthcare transaction processor Change Healthcare in February. The incident disrupted Change Healthcare's operations and caused healthcare system outages.

According to security researchers at Pentera, a substantial 93% of enterprises admitting to a breach have suffered significant consequences, ranging from unplanned downtime to data exposure or financial loss.

A new security flaw, dubbed "LeakyCLI" by the Orca Security team, impacts command-line tools used in cloud environments.

Recently, Shakeeb Ahmed, a former senior security engineer, was sentenced to three years in prison for hacking and defrauding two cryptocurrency exchanges.

Researchers from the Institute of Applied Information Processing and Communications at Graz University of Technology (TU Graz) successfully demonstrated three side-channel attacks on graphics cards via the WebGPU browser interface.

A Russian threat actor is targeting game developers with fraudulent Web3 gaming projects that install multiple variants of infostealers on macOS and Windows devices.

Authorities in Australia and the US recently announced the arrest and indictment of two individuals for their roles in developing and selling the Hive remote access trojan (RAT).

The National Security Agency (NSA) has published a Cybersecurity Information Sheet (CSI) titled "Deploying AI Systems Securely: Best Practices for Deploying Secure and Resilient AI Systems." The CSI aims to help National Security System (NSS) owners an

According to Binarly, there is an unpatched security flaw impacting the Lighttpd web server in Intel and Lenovo Baseboard Management Controllers (BMCs).

Purdue University researchers have launched a multidisciplinary project to model, simulate, and analyze Cyber-Physical Systems (CPS), aiming to improve system robustness and make system analysis more scalable and effective.