A team of security researchers from the University of California, Irvine (UCI), Arizona State University (ASU), and Huntington Ingalls Industries (HII) received a three-year $15 million grant from the US Defense Advanced Research Projects Agency

The National Security Agency (NSA), Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and international allies have published a new Cybersecurity Advisory (CSA) titled "Russian Military Cyber Actors T

To fill over half a million job openings in cyber, technology and AI, the White House Office of the National Cyber Director put out a new program to fill the shortfalls.

Three men pleaded guilty in a British court to running an online criminal service called "OTPAgency," advertised to evade Multi-Factor Authentication (MFA) defenses for banks such as HSBC, Lloyds, and Monzo.

The US Department of Homeland Security (DHS) Science and Technology Directorate (S&T) has made a Request for Information (RFI) from commercial port operators in order to advance the Directorate's Maritime Port Resiliency and Security Research Testb

A new report by the Atlantic Council's Cyber Statecraft Initiative and researchers at American University highlights that spyware vendors can evade sanctions partly because of a complex network of interrelated entities and different jurisdictions

"Tropic Trooper," a China-linked Advanced Persistent Threat (APT) group, is conducting an espionage campaign targeting government entities in the Middle East.

Researchers have discovered a new Go language-based backdoor called "KTLVdoor" that targets Windows and Linux systems and is linked to the Chinese-speaking threat actor named "Earth Lusca." Earth Lusca has been active since at least April 2019, targeti

"SpyAgent," a new Android malware, steals cryptocurrency wallet recovery phrases from screenshots on a mobile device using Optical Character Recognition (OCR) technology.

Multiple campaigns have exploited a recently disclosed OSGeo GeoServer GeoTools security flaw to deliver cryptocurrency miners, botnet malware, and a backdoor.

Veeam recently announced patches for multiple vulnerabilities in its enterprise products, including critical severity bugs that could lead to remote code execution (RCE).

According to security researchers at Patchstack, a vulnerability in the popular LiteSpeed Cache plugin for WordPress could allow attackers to retrieve user cookies and potentially take over websites.