According to researchers at Picus Security, hackers are increasingly deploying "hunter-killer" malware, which is "ultra-evasive, highly aggressive" malware capable of finding and shutting down enterprise security tools in compromised systems.

In a new update, Southern Water recently confirmed that the personal data of both customers and employees had been accessed in a recent ransomware attack.

Actors are exploiting a vulnerability, tracked as CVE-2024-21893, in Ivanti Connect Secure, Policy Secure, and Neurons for ZTA to inject a backdoor called DSLog.

Bank of America is warning customers about a data breach after one of its service providers, Infosys McCamish Systems (IMS), was hacked in 2023.

According to security researchers at Proofpoint, Bumblebee malware has recently re-emerged following a four-month absence from the cyber threat landscape.

The Intelligence Advanced Research Projects Activity (IARPA) has launched a program that, for the first time, directly focuses on the psychology of cyberattackers.

The Intelligence Advanced Research Projects Activity (IARPA) launched the Trojans in Artificial Intelligence (TrojAI) program, which aims to defend AI systems by researching and developing technology capable of detecting and mitigating Trojan attacks.

According to the Cybersecurity and Infrastructure Security Agency (CISA), a Roundcube email server vulnerability patched in September 2023 is being actively exploited in Cross-Site Scripting (XSS) attacks.

The US Department of Justice (DOJ) has announced the seizure of online infrastructure used to sell a Remote Access Trojan (RAT) called Warzone RAT.

Fortinet has recently patched critical remote code execution vulnerabilities in FortiOS (CVE-2024-21762 and CVE-2024-23313), one of which is “potentially” being exploited in the wild.

Many environments and individual user accounts have been compromised as part of an ongoing campaign that targets Microsoft Azure corporate clouds.

Rhysida ransomware victims can successfully decrypt files encrypted by the ransomware because of an implementation vulnerability discovered by researchers and used to create a decryptor.