The widescale use of VMware ESXi in enterprises has now attracted a new Cheerscrypt ransomware threat that is targeting poorly secured ESXi servers. According to the ransom notes, the attackers give their victims three days to access the provided Tor site to negotiate the ransom payment for a worki ... Read More

MalwareHunterTeam discovered a new malware sample containing a ransom note instead of a promotional text. The note states that the gang has stolen the victim’s data, along with encrypting it.

The Federal Bureau of Investigation (FBI) has issued an alert about usernames and passwords giving access to colleges and universities based in the U.S. are available for sale on Russian cybercriminal forums.

GitHub has revealed it stored a "number of plaintext user credentials for the npm registry" in internal logs following the integration of the JavaScript package registry into GitHub's logging systems.

Security researchers at Microsoft have found high severity vulnerabilities in a framework used by Android apps from multiple large international mobile service providers.

The US cybersecurity authority is urging everyone to patch a number of software flaws, including some older ones in Microsoft's Silverlight plug-in and Adobe Flash Player.

The attack has caused severe operational disruption of government services, as thousands of workstations have allegedly been locked by the threat actor. The cyberattack also disrupted COVID-19 tests processing and contact tracing.

Details have emerged about a recently patched critical remote code execution vulnerability in the V8 JavaScript and WebAssembly engine used in Google Chrome and Chromium-based browsers.

The flaw resides in Guzzle’s cookie middleware, which is disabled by default, “so most library consumers will not be affected by this issue”, reads a GitHub security advisory published by a Guzzle maintainer on Wednesday (May 25).

In a statement published to social media networks on Thursday afternoon, officials said that after "several days of investigation" it has become clear that the incident that first began on Sunday is a cyberattack.