Attackers are promoting sites impersonating the Microsoft Store, Spotify, and an online document converter that distribute malware to steal credit cards and passwords saved in web browsers.

To mitigate the vulnerability tracked as CVE-2021-22893 (with a 10/10 severity score), Pulse Secure advises customers with gateways running PCS 9.0R3 and higher to upgrade to the 9.1R.11.4 release.

To deceive Google into thinking they are legitimate sites rather than scams, threat actors use a black hat search engine optimization (SEO) technique called 'cloaking' to avoid getting flagged.

The US government sanctioned this week twenty-eight cryptocurrency addresses allegedly associated with entities or individuals linked to Russian cyberattacks or election interference.

In a novel approach to ransom demands, a new ransomware calling itself 'NitroRansomware' encrypts victim's files and then demands a Discord Nitro gift code to decrypt files.

Although the BGP routing leak occurred in Vodafone's autonomous network (AS55410) based in India, it has impacted U.S. companies, including Google, according to various sources.

On Thursday, Celsius CEO Alex Mashinsky stated that Celsius' third-party marketing server was compromised, and threat actors gained access to a partial Celsius customer list.

Although there is nothing sophisticated about HackBoss, the scheme proves to be effective as it tempts victims with the prospect of getting hacking tools, mostly for brute-forcing passwords.

A report by Bolster shows how threat actors use typosquatting domain names that impersonate the popular Rarible.com site but lead them to scams, malware, and other unwanted content.

SAP's security updates for this month address multiple critical vulnerabilities. The most serious of them, rated with the highest severity score, affects the company's Business Client product.