Security Bulletin

Malicious battery charge tracking and photo gallery apps, as well as a phony Samsung Knox app and trojanized Telegram app, have been leveraged to distribute the similar BoneSpy and PlainGnome spyware, which facilitate compromise of device location...

Identified within a Gasboy fuel control system's payment terminal believed to have been targeted by the Iranian state-backed operation CyberAv3ngers, IOCONTROL features a modular configuration and sophisticated script enabling the persistent...

At least $88 million have already been earned by North Korean state-sponsored firms Yanbian Silverstar and Volasys Silverstar for leading operations of the six-year fraud scheme, which involved fake IT workers leveraging sophisticated obfuscation...

Defenders running the Cleo managed file transfer are urged to be on the lookout for the Cleopatra backdoor and other indicators of an ongoing ransomware campaign, as patching details remain foggy, and no CVE has been issued.

DOJ announced that two arrested in Kosovo, a third in Albania tied to Rydox dark market website.

Businesses deploying large language models and other GenAI systems have a growing collection of open source tools for testing AI security.

A new side-channel attack method is a computationally practical way to infer the structure of a convolutional neural network — meaning that cyberattackers or rival companies can plagiarize AI models and take their data for themselves.

Open to players of all skill levels, the "Snow-mageddon" cybersecurity competition takes place in the world of Santa, elves, and Christmas mayhem.

Malware linked to Iran’s CyberAv3ngers, a group that targets gas stations and water systems in the U.S. and Israel.

Cynet was the only vendor to achieve 100% Visibility and 100% Protection in the 2024 MITRE ATT&CK Evaluation.