The SolarWinds attack, which succeeded by utilizing the sunburst malware, shocked the cyber-security industry. This attack achieved persistence and was able to evade internal systems long enough to gain access to the source code of the victim.

An Indian security researcher has publicly published a proof-of-concept (PoC) exploit code for a newly discovered flaw impacting Google Chrome and other Chromium-based browsers like Microsoft Edge, Opera, and Brave.

A new set of malicious Android apps have been caught posing as app security scanners on the official Play Store to distribute a backdoor capable of gathering sensitive information.

The 2021 spring edition of the Pwn2Own hacking contest concluded last week and witnessed successful attempts on Zoom, Apple Safari, Microsoft Exchange, Microsoft Teams, Parallels Desktop, Windows 10, and Ubuntu Desktop operating systems.

Saint Bot, a previously undocumented malware downloader has been spotted in the wild since January 2021 in phishing attacks to deploy credential stealers and other malicious payloads.

An Iranian threat actor has unleashed a new cyberespionage campaign against a possible Lebanese target with a backdoor capable of exfiltrating sensitive information from compromised systems.

PHP maintainers issued an update regarding the recent security incident, stating that attackers may have hacked a user database containing passwords to make unauthorized changes to the repository.

Disguised as a rogue Netflix app under the name of "FlixOnline," the malware comes with features that allow it to automatically reply to a victim's incoming WhatsApp messages with a malicious payload.

A hacking group related to a Chinese-speaking threat actor has been linked to an advanced cyberespionage campaign targeting government and military organizations in Vietnam.

The DoJ said that an Israeli national pleaded guilty for his role as an "administrator" of a portal called DeepDotWeb, a "news" website that "served as a gateway to numerous dark web marketplaces."