Researchers have found two new Microsoft SharePoint flaws, posing a significant threat to businesses. These vulnerabilities could enable attackers to bypass audit logs, avoid triggering downloads, and exfiltrate SharePoint data.

Cyber threats to the energy sector have increased significantly as geopolitical tensions continue to drive state-sponsored cyber espionage.

Selections by dgoff

Microsoft warns about a vulnerability that allows hackers to take complete control of Azure Kubernetes clusters.

A ransomware gang, dubbed "Muliaka" by the Moscow-based cybersecurity company F.A.C.C.T., has been targeting Russian businesses with malware developed from the Conti hacking group's leaked source code.

A hacking forum leak recently has led Home Depot to confirm that its employee data was compromised via a third-party software vendor.

Many threat actors are using malware to scan software vulnerabilities that they can exploit in future cyberattacks.

A new Vietnam-connected cybercrime group called "CoralRaider" has targeted individuals and organizations in Asia, stealing social media account information and user data.

Network attached storage (NAS) vendor D-Link has recently urged users of end-of-life (EOL) products to retire and replace them, after news emerged of mass exploitation of legacy kit via a newly discovered vulnerability.

Bitdefender has discovered four vulnerabilities affecting multiple versions of WebOS, the operating system used in LG smart TVs. The flaws enable unauthorized access and control over the impacted models.

"RUBYCARP," a threat group with suspected Romanian origins, has been observed operating a long-running botnet for cryptocurrency mining, Distributed Denial-of-Service (DDoS), and phishing attacks.

It has recently been revealed that one month after paying cybercriminals to prevent the public release of data stolen in a February 2024 ransomware attack, Change Healthcare is being extorted again by a different cybercrime group.