The Counter Ransomware Initiative (CRI) has released new guidance to encourage organizations to consider other options before giving in to cybercriminals' ransomware demands.

Tens of thousands of DrayTek routers, including models used by many businesses and government agencies, are at risk of attack due to 14 newly discovered firmware vulnerabilities.

Claroty surveyed 1,100 cybersecurity professionals responsible for securing Cyber-Physical Systems (CPS), including Operational Technology (OT), Internet of Things (IoT), Building Management Systems (BMS), and more.

The North Korean state-sponsored threat actor known as "APT37" is spreading a new backdoor named "VeilShell." Most North Korean Advanced Persistent Threats (APTs) target South Korean or Japanese organizations, but APT37's latest campaign appears to tar

Researchers at Elastic found that off-the-shelf offensive security tools and poorly configured cloud environments expand the attack surface.

Security vulnerabilities are a major issue in Artificial Intelligence (AI)-powered code generation. Therefore, Khiem Ton, a Ph.D.

In a Distributed Denial-of-Service (DDoS) campaign aimed at financial services, Internet, and telecommunications companies, volumetric attacks peaked at 3.8 terabits per second (Tbps), the largest publicly recorded.

The National Security Agency (NSA), together with the Australian Signals Directorate's Australian Cyber Security Centre (ASD ACSC) and others, released a new Cybersecurity Information Sheet (CSI) titled "Principles of Operational Technology Cyber

The new "FakeUpdate" campaign targeting users in France involves compromised websites that display fake browser and app updates, which deliver a new version of the WarmCookie backdoor.

Sellafield Ltd was recently fined $437,440 for cybersecurity failings running the Sellafield nuclear facility in Cumbria, North-West England.  The fine was issued by Westminster Magistrates Court.

According to security researchers at Cisco Talos, a financially-motivated threat actor has been observed targeting organizations globally with a MedusaLocker ransomware variant.

New international law enforcement actions have resulted in four arrests and the takedown of nine servers linked to the "LockBit" ransomware operation.