AI-fueled cybercrime may outpace traditional defenses, Check Point warns

The security firm said in a new report that defenders should begin using AI to counter cyber criminals’ adoption of the technology.

By Eric Geller • April 30, 2025

Critical vulnerability in SAP NetWeaver Visual Composer leads to confirmed compromises

Thousands are exposed and potentially vulnerable as researchers warn of widespread exploitation.   

By David Jones • Updated 4 hours ago

FBI seeks public tips about Salt Typhoon

The bureau’s public alert follows months of conversations with the telecom industry about the far-reaching cyber espionage campaign by a Chinese nation-state threat actor.

By Eric Geller • April 28, 2025

BEC scams, investment fraud accounted for biggest cybercrime losses in 2024

Americans lost $16.6 billion to cyber fraud last year, according to an FBI report, with phishing, spoofing and extortion topping the list of complaints.

By Eric Geller • April 23, 2025

Conduent warns January breach impacted a ‘significant’ number of people

The company incurred a material amount of nonrecurring expenses during Q1 related to potential notification requirements.

By David Jones • April 22, 2025

DaVita hit by ransomware attack

The kidney dialysis firm doesn’t have an estimate for how long disruption from the attack will last, though it stressed patients are still receiving care.

By Emily Olsen • April 15, 2025

Attackers exploit zero-day flaw in Gladinet CentreStack file-sharing platform

Critical vulnerability affects both CentreStack and Gladinet’s on-premises file-sharing server, Triofox.

By Rob Wright • April 15, 2025

Over 14K Fortinet devices compromised via new attack method

Fortinet warned last week that a threat actor was using a novel post-exploitation trick to maintain access to devices after they were patched.

By Rob Wright • April 14, 2025

Fortinet warns of threat activity against older vulnerabilities

Researchers discovered a technique that allows threat actors to maintain read-only access to vulnerable FortiGate devices after they are patched.

By Rob Wright • April 11, 2025

Windows CLFS zero-day exploited in ransomware attacks

A threat actor tracked as Storm-2460 has used PipeMagic malware to facilitate the attacks.

By David Jones • April 9, 2025

Over 5K Ivanti VPNs vulnerable to critical bug under attack

China-linked threat actors last month began exploiting CVE-2025-22457, a critical stack buffer-overflow flaw.

By Rob Wright • April 8, 2025

Cisco confirms cyberattacks on Smart Licensing Utility flaw

CISA earlier this week added CVE-2024-20439, a static credential vulnerability in the license management app, to its known exploited vulnerabilities catalog.

By Rob Wright • April 3, 2025

FTC chief flags data privacy concerns in 23andMe bankruptcy

The company filed for bankruptcy after financial challenges over the past few years and a massive data breach in 2023.

By Alexei Alexis • April 2, 2025

Ransomware gangs increasingly brandish EDR bypass tools

Custom tool developed by RansomHub, dubbed “EDRKillShifter,” is used by several other rival ransomware gangs.

By Rob Wright • March 27, 2025

Russian threat actor weaponized Microsoft Management Console flaw

A threat actor known as “EncryptHub” began exploiting the zero-day vulnerability before it was patched earlier this month.

By Elizabeth Montalbano, Contributing Reporter • Updated March 26, 2025

Critical Apache Tomcat RCE vulnerability exploited

Attack attempts via CVE-2025-24813 are underway, but successful attacks require specific, non-default configurations, according to GreyNoise.

By Rob Wright • March 24, 2025

Coinbase originally targeted during GitHub Action supply chain attack

Researchers from Palo Alto Networks said the hackers likely planned to leverage an open source project of the company for additional attacks.

By David Jones • March 21, 2025

Medusa ransomware using malicious driver as EDR killer

"ABYSSWORKER" imitates a CrowdStrike Falcon driver.

By Rob Wright • March 21, 2025

11 nation-state groups exploit unpatched Microsoft zero-day

The tech giant has yet to address a vulnerability that allows for malicious payloads to be delivered via Windows shortcut files and has been under active attack for eight years.

By Elizabeth Montalbano, Contributing Reporter • March 19, 2025

RansomHub using FakeUpdates scheme to attack government sector

The ransomware gang is collaborating with SocGholish, an extensive malware operation that employs compromised websites and fake browser updates.

By Rob Wright • March 18, 2025

Supply chain attack against GitHub Action triggers massive exposure of secrets

The incident highlights ongoing security concerns in the software supply chain.

By David Jones • March 17, 2025

Black Basta uses brute-forcing tool to attack edge devices

The ransomware gang developed an automated framework to guess weak and reused passwords on VPNs and firewalls.

By Rob Wright • March 17, 2025

Medusa ransomware slams critical infrastructure organizations

The ransomware-as-a-service gang tallied more than 300 victims in industries such as healthcare, manufacturing and technology.

By Rob Wright • March 13, 2025

CISA: 3 Ivanti endpoint vulnerabilities exploited in the wild

Researchers last month published a proof-of-concept exploit for the critical flaws in Endpoint Manager.

By Rob Wright • March 11, 2025

Critical PHP vulnerability under widespread cyberattack

Telemetry data shows spikes in exploits of CVE-2024-4577 across several countries in recent months.

By Rob Wright • March 10, 2025