News

The North Korean threat actor known as the Lazarus Group has been linked to a previously undocumented JavaScript implant named Marstech1 as part of limited targeted attacks against developers.

Cybersecurity researchers have disclosed a new type of name confusion attack called whoAMI that allows anyone who publishes an Amazon Machine Image (AMI) with a specific name to gain code execution within the Amazon Web Services (AWS) account.

Google is working on a new security feature for Android that blocks device owners from changing sensitive settings when a phone call is in progress.

Threat actors have been observed leveraging Google Tag Manager (GTM) to deliver credit card skimmer malware targeting Magento-based e-commerce websites.

Apple on Monday released out-of-band security updates to address a security flaw in iOS and iPadOS that it said has been exploited in the wild.

A coordinated law enforcement operation has taken down the dark web data leak and negotiation sites associated with the 8Base ransomware gang.

Bogus websites advertising Google Chrome have been used to distribute malicious installers for a remote access trojan called ValleyRAT

Threat actors have been observed exploiting recently disclosed security flaws in SimpleHelp's Remote Monitoring and Management (RMM) software as a precursor for what appears to be a ransomware attack.

India's central bank, the Reserve Bank of India (RBI), said it's introducing an exclusive "bank.in" internet domain for banks in the country to combat digital financial fraud.

Google has shipped patches to address 47 security flaws in its Android operating system, including one it said has come under active exploitation in the wild.