Fake Bitwarden installation packages delivered RAT to Windows users
Windows users looking to install the Bitwarden password manager may have inadvertently installed a remote access trojan (RAT). The ZenRAT malware A malicious website (located …
Hands-on threat simulations: Empower cybersecurity teams to confidently combat threats
Security processes are increasingly automated which has led some businesses to deprioritize developing their security teams’ defense skills. While antivirus and non-human …
Balancing cybersecurity with convenience and progress
Changing approaches to cybersecurity have led to slow but steady progress in defense and protection. Still, competing interests create a growing challenge for cybersecurity …
Current ransomware defensive efforts are not working
Despite some positive developments, the impact of ransomware attacks remains high, according to SpyCloud. Infostealer infections preceded 22% of ransomware events for North …
Telecom firms hit with novel backdoors disguised as security software
Researchers have unearthed new backdoors leveraged to maintain long-term access in the networks of telecom firms in the Middle East. HTTPSnoop and PipeSnoop – as the two …
Fake WinRAR PoC spread VenomRAT malware
An unknown threat actor has released a fake proof of concept (PoC) exploit for CVE-2023-4047, a recently fixed remote code execution (RCE) vulnerability in WinRAR, to spread …
Industrial cybersecurity giant Dragos rakes in new funding, sets sights on global expansion
Today, Dragos revealed that it has secured a $74 million Series D extension funding round, spearheaded by the strategic operating and investment firm WestCap. The funding …
MetaStealer malware is targeting enterprise macOS users
Enterprise macOS users are being targeted by attackers slinging new information-stealing malware dubbed MetaStealer. The MetaStealer malware MetaStealer is delivered within …
The rise and evolution of supply chain attacks
A supply chain attack is a cyberattack that focuses on a third-party supplier providing essential services or software to the supply chain. In this Help Net Security video, …
Requests via Facebook Messenger lead to hijacked business accounts
Hijackers of Facebook business accounts are relying on fake business inquiries and threats of page/account suspension to trick targets into downloading password-stealing …
Microsoft Teams users targeted in phishing attack delivering DarkGate malware
A new phishing campaign taking advantage of an easily exploitable issue in Microsoft Teams to deliver malware has been flagged by researchers. Delivering malware to Microsoft …
Email forwarding flaws enable attackers to impersonate high-profile domains
Sending an email with a forged address is easier than previously thought, due to flaws in the process that allows email forwarding, according to a research team led by …
Featured news
Resources
Don't miss
- LiteLLM vulnerability under active attack, CISA warns (CVE-2026-42271)
- The architecture of subtraction: Why it’s time to erase the roads, not just map the traffic
- Treating AI agents like service accounts for federated query security
- Malware ships with bugs that defenders could use against it
- Qilin ransomware affiliate exploited Check Point VPN zero-day (CVE-2026-50751)