Six malicious packages have been identified on npm (Node package manager) linked to the notorious North Korean hacking group Lazarus. [...]

Apple has released emergency security updates to patch a zero-day bug the company describes as exploited in "extremely sophisticated" attacks. [...]

Today is Microsoft's March 2025 Patch Tuesday, which includes security updates for 57 flaws, including six actively exploited zero-day vulnerabilities. [...]

A newly discovered clipboard hijacking operation dubbed 'MassJacker' uses at least 778,531 cryptocurrency wallet addresses to steal digital assets from compromised computers. [...]

Threat intelligence company GreyNoise warns that a critical PHP remote code execution vulnerability that impacts Windows systems is now under mass exploitation. [...]

Cybercriminals are using AI for help in planning and conducting cyberattacks—but cybersecurity vendors are fighting back. Learn from Acronis Threat Research Unit about how AI-powered security solutions are closing the gap in the battle against AI-driven cyber threats. [...]

PowerSchool has published a long-awaited CrowdStrike investigation into its massive December 2024 data breach, which determined that the company was previously hacked over 4 months earlier, in August, and then again in September. [...]

CISA warned U.S. federal agencies to secure their networks against attacks exploiting three critical vulnerabilities affecting Ivanti Endpoint Manager (EPM) appliances. [...]

The Dark Storm hacktivist group claims to be behind DDoS attacks causing multiple X worldwide outages on Monday, leading the company to enable DDoS protections from Cloudflare. [...]

The U.S. Federal Trade Commission (FTC) said today that Americans lost a record $12.5 billion to fraud last year, a 25% increase over the previous year. [...]

​Later this week, the Federal Trade Commission (FTC) will start distributing over $25.5 million in refunds to those misled by tech support companies Restoro and Reimage's scare tactics. [...]

Switzerland's National Cybersecurity Centre (NCSC) has announced a new reporting obligation for critical infrastructure organizations in the country, requiring them to report cyberattacks to the agency within 24 hours of their discovery. [...]

Google paid almost $12 million in bug bounty rewards to 660 security researchers who reported security bugs through the company's Vulnerability Reward Program (VRP) in 2024. [...]

Quantum computing threatens to break traditional encryption, putting sensitive data at risk. Learn more from Specops Software about the risks of quantum computing and how to prepare for them. [...]

US cities are warning of an ongoing mobile phishing campaign pretending to be texts from the city's parking violation departments about unpaid parking invoices, that if unpaid, will incur an additional $35 fine per day. [...]

The ubiquitous ESP32 microchip made by Chinese manufacturer Espressif and used by over 1 billion units as of 2023 contains undocumented commands that could be leveraged for attacks. [...]

A software developer has been found guilty of sabotaging his ex-employer's systems by running custom malware and installing a "kill switch" after being demoted at the company. [...]

The ubiquitous ESP32 microchip made by Chinese manufacturer Espressif and used by over 1 billion units as of 2023 contains an undocumented "backdoor" that could be leveraged for attacks. [...]

Cybercriminals are sending bogus copyright claims to YouTubers to coerce them into promoting malware and cryptocurrency miners on their videos. [...]