Security Bulletin

Attackers leveraged a malicious DLL from the Microsoft Word app to retrieve from open-source remote desktop and remote admin software UltraVNC a launcher that would facilitate injections of the CXCLNT malware and CLTEND remote access tool.

Comparable tactics, techniques, and procedures have been leveraged by North Korean threat group Konni, which has been tied to Kimsuky, in its escalating cyberespionage operations against Russia and South Korea.

Mustang Panda leveraged the embedded reverse shell functionality of Visual Studio Code to facilitate command execution, file creation, and malware distribution, as well as reconnaissance and data exfiltration activities.

Thousands of TP-Link and ASUS routers have already been part of Quad7's major 'xlogin' and 'alogin' clusters, while nearly 300 Ruckus wireless devices have been compromised to be included in the 'rlogin' cluster that commenced in June.

Here are five ways to strengthen digital identities.

Researchers flagged a pair of Gallup site XSS vulnerabilities.

Researchers flagged a pair of Gallup site XSS vulnerabilities.

A PRC threat cluster known as "Crimson Palace" is demonstrating the benefits of having specialized units carry out distinct stages of a wider attack chain.

It takes more than technical knowledge to write about cybersecurity in a way people want to read. It takes creativity, discipline, and other key skills.

Spotify and Apple Music among defrauded services using a combination of AI tools and bots.

The payment processing service said credit card information was accessed in June 2024.