New MacOS Malware Exploits Legitimate Developer ID to Pose as Apple Crash Reporter
Researchers at Jamf Threat Labs detail CrashStealer, which steals passwords, cryptocurrency wallets and more
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Researchers at Jamf Threat Labs detail CrashStealer, which steals passwords, cryptocurrency wallets and more
Researchers at the AI Now Institute developed a proof-of-concept exploit showing common AI tools used for security could backfire
AI models are making rapid gains in vulnerability research and exploit development, raising new cybersecurity risks, a Forescout study finds
Huntress researchers uncover campaign exploiting vulnerabilities to steal data using Elastic Cloud as a data hub
Researchers at Check Point link ‘Amarath-Dragon’ attacks to prolific Chinese cyber-espionage operation
Cybersecurity Researchers at ReliaQuest warn of an ongoing campaign delivered to “high-value individuals” via LinkedIn messages
CyberArk says it exploited a vulnerability in the StealC infostealer to gather intelligence
Cybersecurity researchers issue warning over a surge in attacks designed to trick Facebook users into handing over login credentials
BitSight research has revealed how threat actors exploit calendar subscriptions to deliver phishing links, malware and social engineering attacks through hijacked domains
Researchers at BlackFrog have uncovered Matrix Push C2, a malicious command-and-control system that abuses web browser push notifications to deliver malware
Threat actors were exploiting vulnerable versions of Triofox after a patched version was released, said Google Cloud researchers
The hackers are likely trying to collect data to feed the development of zero-day exploits, said Google researchers
Forescout found that most LLMs are unreliable in vulnerability research and exploit tasks, with threat actors still skeptical about using tools for these purposes
Cato Networks researchers demonstrated an attack leveraging Atlassian’s AI agent-enabling server
Researchers at ESET observed strengthened cyber-offensive activity from Russian groups, especially against Ukrainian and European entities
Researchers spot in-the-wild exploits of Samsung MagicInfo despite recent patch
Trend Micro detailed how attackers are using a fake proof-of-concept for a critical Microsoft vulnerability, designed to steal sensitive data from security researchers
Check Point research reveals cybercriminals are using Google Calendar and Drawings to send malicious links, bypassing traditional email security
Mandiant research details how Chinese espionage groups are deploying new tools post-exploitation of recently patched Ivanti vulnerabilities
The actor utilizes custom Linux malware to pursue financial gain, according to Check Point Research