Wordfence published an advisory on the WordPress Malcure Malware Scanner plugin, which was discovered to have a vulnerability rated at a severity level of 8.1. At the time of publishing, there is no ...

A new malware variant dubbed RESURGE has been uncovered by the US Cybersecurity and Infrastructure Security Agency (CISA) and is targeting Ivanti Connect Secure appliances through a critical ...

Discover how crypto malware operates through cryptojacking and ransomware, with real-world examples such as WannaMine and PowerGhost ...

In recent years, the use of malware embedded in Adobe Acrobat PDF plugins has become an increasingly sophisticated threat to cybersecurity. As PDFs are a widely used format for document sharing, they ...

New Windows malware abuses built-in security logic to disable Microsoft Defender, steal data, and encrypt files without using exploits.

In an especially brazen tactic, multiple threat actors are impersonating Google Ads login pages to trick advertisers into handing over their account credentials. The scammers appear to be succeeding ...

The Chinese-speaking ToddyCat advanced persistent threat (APT) group is targeting a security vulnerability in ESET's antivirus software to silently execute malicious payloads on infected devices.

CISA has published a Malware Analysis Report (MAR) with analysis and associated detection signatures on files related to Microsoft SharePoint vulnerabilities, according to a press release yesterday.

Security researchers at Zimperium zLabs, a mobile security software provider, have uncovered a sophisticated evolution of the "GodFather" banking malware, which employs an advanced on-device ...

The operators of the SystemBC proxy botnet are hunting for vulnerable commercial virtual private servers (VPS) and maintain an average of 1,500 bots every day that provide a highway for malicious ...

Camellia Chan is the CEO and Cofounder of Flexxon, a next-generation hardware cybersecurity solutions provider with a global presence. In 2024 alone, fileless malware like HeadCrab doubled its grip on ...

Threat actors continue to exploit ToolShell to gain unauthorized access to on-premises SharePoint servers. On August 6, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) released a ...