Google says it recently fixed an authentication weakness that allowed crooks to circumvent email verification needed to create a Google Workspace ...

The Chinese company in charge of handing out domain names ending in “.top” has been given until mid-August 2024 to show that it has put in place sy...

A faulty software update from cybersecurity vendor Crowdstrike crippled countless Microsoft Windows computers across the globe today, disrupting...

At least a dozen organizations with domain names at domain registrar Squarespace saw their websites hijacked last week. Squarespace bought all...

AT&T Corp. disclosed today that a new data breach has exposed phone call and text message records for roughly 110 million people -- nearly all of...

The Russia-based cybercrime group dubbed "Fin7," known for phishing and malware attacks that have cost victim organizations an estimated $3...

Microsoft Corp. today issued software updates to plug 139 security holes in various flavors of Windows and other Microsoft products. Redmond says...

Most accomplished cybercriminals go out of their way to separate their real names from their hacker handles. But among certain old-school Russian...

On March 8, 2024, KrebsOnSecurity published a deep dive on the consumer data broker Radaris, showing how the original owners are two men in...

A 22-year-old man from the United Kingdom arrested this week in Spain is allegedly the ringleader of Scattered Spider, a cybercrime group...

2.5 million people were affected, in a breach that could spell more trouble down the line.

Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool.

Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system.

Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group.

Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed.

Twitter is blasted for security and privacy lapses by the company’s former head of security who alleges the social media giant’s actions amount to ...

CISA is warning that Palo Alto Networks’ PAN-OS is under active attack and needs to be patched ASAP.

Fake travel reservations are exacting more pain from the travel weary, already dealing with the misery of canceled flights and overbooked hotels.

Separate fixes to macOS and iOS patch respective flaws in the kernel and WebKit that can allow threat actors to take over devices and are under...

An insufficient validation input flaw, one of 11 patched in an update this week, could allow for arbitrary code execution and is under active attack.