Why ransomware gangs want you to keep using that GPON router
A vulnerability found in 2018 is ranked #6 on the list of most attacked vulnerabilities.
2 minutes
Pieter Arntz
Exchange Server 2016 and 2019 have less than a year to live
On October 14, 2025, Exchange Server 2016 and Exchange Server 2019 reach end of support.
2 minutes
How threat actors use AI
OpenAI has published an update on some of the criminal campaigns it has identified and disrupted.
2 minutes
Patch now! Palo Alto Expedition vulnerabilities could leak firewall credentials
A set of vulnerabilities in Palo Alto Networks Expedition could allow an attacker to read database contents and arbitrary files
2 minutes
Update now! Five zero-days fixed October Patch Tuesday
Microsoft’s October Patch Tuesday covers five zero-days, two of which are being actively exploited.
2 minutes
Ransomware insurance is funding cybercrime, says White House official
"This is a troubling practice that must end."
2 minutes
Zimbra SMTP vulnerability is being exploited in numbers
The flaw can be exploited by sending an email with a specially crafted CC field.
1 minute
A visit to a print shop put a password stealer on a co-worker’s laptop
Old-school malware distribution methods have a habit of hanging around long after people stop talking about them.
2 minutes
Watch out! Mobidash Android adware spread through phishing and online links
ThreatDown has uncovered a new campaign spreading the MobiDash adware for Android.
1 minute
Hybrid cloud environments are not safe from ransomware
A ransomware affiliate has been found compromising hybrid cloud environments.
3 minutes
Android’s Rusty new code shakes off huge number of memory-safe vulnerabilities
Google has dramatically reduced the number of serious memory safety vulnerabilities in Android by shifting to memory-safe languages.
2 minutes
North Korean IT workers—or how not to solve the IT staff shortage
North Korea has been infiltrating organizations using IT workers with fake identities.
3 minutes
Ivanti patches admin bypass for Cloud Services Appliance
Ivanti has released a security advisory for a critical vulnerability in Ivanti CSA 4.6 which is being actively exploited.
2 minutes
Windows MSHTML vulnerability actively exploited
CISA has added another MSHTML vulnerability rooted in Internet Explorer to its known exploited vulnerabilities catalog
1 minute
Microsoft might kick security vendors out of the Windows kernel
Reducing kernel-level access could undermine security vendors' ability to protect systems effectively.
1 minute
Update now! Four zero-days fixed in September Patch Tuesday
Microsoft’s September Patch Tuesday covers 79 Microsoft CVEs and includes four actively exploited zero-days.
2 minutes
NIS 2 is coming, are you ready?
The NIS2 directive aims to raise the standard of cybersecurity in Europe and brings new obligations and new penalties for…
4 minutes
Ransomware payments on track to smash $1.1 billion record
Median payments to some strains are now $1.5 million—a 650% increase from early 2023.
1 minute
Update now! August Patch Tuesday covers several zero-days
Microsoft’s August Patch Tuesday covers 90 Microsoft CVEs and includes nine actively-exploited zero-days.
2 minutes
Patch now! Microsoft Office flaw could leak NTLM hashes
Microsoft is warning about a Microsoft Office vulnerability which an attacker could use to steal NTLM hashes.
3 minutes
