ClickFix malware attacks evolve with video instructions and OS detection

ClickFix attacks have evolved to feature videos that guide victims through the self-infection process, a timer to pressure ...

Critical Cisco UCCX flaw lets attackers run commands as root

Cisco has released security updates to patch a critical vulnerability in the Unified Contact Center Express (UCCX) software, ...

Sandworm hackers use data wipers to disrupt Ukraine's grain sector

Russian state-backed hacker group Sandworm has deployed multiple data-wiping malware families in attacks targeting Ukraine's ...

Gootloader malware is back with new tricks after 7-month break

The Gootloader malware loader operation has returned after a 7-month absence and is once again performing SEO poisoning to ...

Hyundai AutoEver America data breach exposes SSNs, drivers licenses

Hyundai AutoEver America is notifying individuals that hackers breached the company's IT environment and gained access to ...

Windows 11 Store gets Ninite-style multi-app installer feature

The Microsoft Store on the web now lets you create a multi-app install package on Windows 11 that installs multiple ...

SonicWall says state-sponsored hackers behind September security breach

SonicWall's investigation into the September security breach that exposed customers' firewall configuration backup files ...

Google warns of new AI-powered malware families deployed in the wild

Google's Threat Intelligence Group (GTIG) has identified a major shift this year, with adversaries leveraging artificial ...

University of Pennsylvania confirms data stolen in cyberattack

The University of Pennsylvania has confirmed that a hacker breached numerous internal systems related to the university's ...

UK carriers to block spoofed phone numbers in fraud crackdown

Under a new partnership with the government aimed at combating fraud, Britain's largest mobile carriers have committed to ...

CISA warns of critical CentOS Web Panel bug exploited in attacks

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) is warning that threat actors are exploiting a critical remote command execution flaw in CentOS Web Panel (CWP).

Hackers exploit WordPress plugin Post SMTP to hijack admin accounts

Threat actors are actively exploiting a critical vulnerability in the Post SMTP plugin installed on more than 400,000 ...