Scientists for the Pentagon’s far-out research branch, DARPA, weren’t sure that anyone would be able to collect the $50,000 prize when they announced their Shredder Challenge to find ways to ...

Fake travel reservations are exacting more pain from the travel weary, already dealing with the misery of canceled flights and overbooked hotels. A longtime threat group identified as TA558 has ramped ...

Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system. Targeted attacks on Twilio and Cloudflare employees are tied to a massive phishing campaign ...

August Patch Tuesday tackles 121 CVEs, 17 critical bugs and one zero-day bug exploited in the wild. Microsoft is urging users to patch a zero-day vulnerability dubbed Dogwalk that is actively being ...

Users of GnuPG, OpenSSL and Git could be in danger from an attack that’s practical for ordinary attackers to carry out. A proof-of-concept attack has been pioneered that “fully and practically” breaks ...

Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group. After a recent dip, ransomware attacks are back on the rise. According to data released by ...

Twitter is blasted for security and privacy lapses by the company’s former head of security who alleges the social media giant’s actions amount to a national security risk. A recently surfaced 84-page ...

Can we trust web browsers to protect us, even if they say “https?” Not with the novel BitB attack, which fakes popup SSO windows to phish away credentials for Google, Facebook and Microsoft, et al.

Citizen Lab uncovers multi-year campaign targeting autonomous region of Spain, called Catalonia. An unknown zero-click exploit in Apple’s iMessage was used by Israeli-based NSO Group to plant either ...

Ransomware attackers are now demanding cash from the customers of victims too. Ransomware attacks are exploding at a staggering rate, and so are the ransoms being demanded. Now experts are warning ...

Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool. A China-based threat actor has ramped up efforts ...

The university said that it paid $457,000 to retrieve a decryption key after a ransomware attack encrypted student and faculty data on its servers. The University of Utah coughed up a $457,000 ransom ...