The U.S. has indicted four Russians it alleges are affiliated with the FSB and GRU units responsible for the Triton and Dragonfly attacks against critical infrastructure in the United States and abroad.
Google researchers have detailed campaigns by two North Korean government-backed groups that exploited a now-fixed Chrome flaw to target organizations across various industries.
A recent campaign targeted Azure developers with malicious npm packages designed to look like legitimate tools.
The Lapsus$ group, which most recently claimed breaches of Microsoft and Okta, relies on several tactics used less frequently by other threat groups.
Microsoft has confirmed that the Lapsus$ group gained "limited" access after the group leaked Bing, Bing Maps and Cortana source code.
The Lapsus$ hacking and extortion group claims to have had access to internal Okta systems since January, but the company said it looked into the incident, which occurred at a third party, and that it was contained.
The AvosLocker ransomware-as-a-service is spread via ProxyShell exploits and spam email messages, and in some cases attackers threaten DDoS attacks during negotiations.
A new initial access broker known as Exotic Lily has used zero-day exploits and sells network access to cybercrime teams such as FIN12 for ransomware deployment.
A critical container escape flaw in the CRI-O Kubernetes runtime engine has been patched.
OpenSSL has fixed a high-risk denial-of-service vulnerability in several versions of the software.
The American online retailer will be required to pay half a million dollars and improve its security practices by implementing MFA and encrypting sensitive data.
A recent report found that phishing attacks and zero-day exploits that target mobile devices have crept up over the past year.
Researchers have observed attackers leveraging email thread hijacking tactics to spread the Qakbot malware, which in turn deploys multiple payloads.
This week's Source Code podcast by Decipher takes a look behind the scenes at top news with input from our sources.
Threat actors are attempting to gain the trust of victims by pretending to be a potential customer and filling out an online contact form before launching the BazarLoader attack.