The elusive Iranian threat group known as Infy (aka Prince of Persia) has evolved its tactics as part of efforts to hide its ...

CISA confirmed on Wednesday that ransomware gangs have begun exploiting a high-severity VMware ESXi sandbox escape vulnerability that was previously used in zero-day attacks.

Leaked non-human identities like API keys and tokens are becoming a major breach driver in cloud environments. Flare shows ...

Within days of Microsoft patching a critical Office zero-day, the Russia-linked group “APT28” was already exploiting the flaw in a live campaign tracked as Operation Neusploit.

Massive password breach exposes 149 million stolen credentials online, including 48 million Gmail accounts. Learn what happened and protect yourself.

Attackers exploited Hugging Face’s trusted infrastructure to spread an Android RAT, using fake security apps and thousands of ...

Security vendors have been leaving deliberately insecure training applications on the public Internet, and attackers have been taking advantage of them to breach their cloud environments. What's the ...

DeFi protocol Makina Finance lost $4.2 million to hackers. Makina advised its liquidity providers to remove their assets.

Add Yahoo as a preferred source to see more of our stories on Google. Millions of records of Pornhub search history may now be forming the basis of extortion emails to subscribers of the porn website, ...

Digital investment firm Betterment has fallen victim to a cunning social engineering attack that enabled cybercriminals to send fraudulent cryptocurrency promotions directly to customers through the ...

North Korea’s record-breaking Bybit hack changed how exchanges handle security and even influenced FATF’s global crypto recommendations. Cryptocurrency exchange Bybit suffered a $1.4 billion hack in ...

What just happened? Do you subscribe to Wired? If so, you might want to be extra vigilant when it comes to suspicious emails. A hacking group claims to have posted sensitive information belonging to 2 ...