Please turn on your JavaScript for this page to function normally.
vulnerability
45% of critical CVEs left unpatched in 2023

Global attack attempts more than doubled in 2023, increasing 104%, according to Armis. Blind spots and critical vulnerabilities are worsening, with 45% of critical CVEs …

supply chain
Software supply chain attacks are getting easier

ReversingLabs identified close to 11,200 unique malicious packages across three major open-source software platforms in 2023: npm, PyPI, and RubyGems. These findings mark an …

brain
Adversaries exploit trends, target popular GenAI apps

More than 10% of enterprise employees access at least one generative AI application every month, compared to just 2% a year ago, according to Netskope. In 2023, ChatGPT was …

data analytics
Cyber budgets and the VC landscape in 2024

In this Help Net Security video, Marcus Bartram, General Partner at Telstra Ventures, discusses his 2024 cybersecurity predictions: The U.S. will be in a recession by Q4 2024, …

API
APIs are increasingly becoming attractive targets

APIs, a technology that underpins today’s most used sites and apps, are being leveraged by businesses more than ever—ultimately opening the door to more online threats than …

malware
29 malware families target 1,800 banking apps worldwide

Mobile banking is outpacing online banking across all age groups due to its convenience and our desire to have those apps at our fingertips, according to Zimperium. However, …

account
3 main tactics attackers use to bypass MFA

Notable security breaches have bypassed MFA to compromise taxi broker Uber, games company EA, and authentication business Okta, according to SE Labs. CISOs must bolster MFA …

lock
86% of cyberattacks are delivered over encrypted channels

Threats over HTTPS grew by 24% from 2022, underscoring the sophisticated nature of cybercriminal tactics that target encrypted channels, according to Zscaler. For the second …

AI
AI’s efficacy is constrained in cybersecurity, but limitless in cybercrime

Bringing artificial intelligence into the cybersecurity field has created a vicious cycle. Cyber professionals now employ AI to enhance their tools and boost their detection …

cloud
OilRig targets Israel organizations with new lightweight downloaders

ESET researchers analyzed a growing series of new OilRig downloaders that the group used in several campaigns throughout 2022 to maintain access to target organizations of …

Cybercrime operation that sold millions of fraudulent Microsoft accounts disrupted

Microsoft disrupted an alleged threat actor group that built viable cybercrime-as-a-service (CaaS) businesses. Dubbed Storm-1152 by Microsoft, the group bilked enterprises and …

recruiters beware
Recruiters, beware of cybercrooks posing as job applicants!

Recruiters are being targeted via spear-phishing emails sent by cybercrooks impersonating job applicants, Proofpoint researchers are warning. “The tone and content of …

Don't miss

Cybersecurity news