Misconfigured Docker API instances have become the target of a new malware campaign that transforms them into a ...

Cybersecurity researchers have disclosed a malware campaign that uses fake software installers masquerading as popular tools ...

Mobile-focused phishing using SEO poisoning and fake portals hit payroll systems in May 2025, rerouting salaries and evading ...

Unlike human beings logging into systems, NHIs rarely have any policies to mandate rotation of credentials, tightly scope ...

Luna Moth uses spoofed IT domains and callback phishing to access law firm data, bypassing detection with legitimate tools.

TAG-110 abandoned HTA-based payloads in January 2025, using macro-enabled Word templates to target Tajik institutions.

VS Code extensions deployed sandbox-evasive malware to steal system data, developer credentials, and crypto wallets.

Latrodectus malware evades detection with ClickFix technique; TikTok and fake Ledger apps expand threat reach.

DoJ disrupts DanaBot malware after 300K infections and $50M damage; 16 charged in Russia-linked cybercrime ring.

The Zscaler ThreatLabz 2025 Phishing Report dives deep into the rapidly evolving phishing landscape and uncovers the latest ...

CISOs are finding themselves more involved in AI teams, often leading the cross-functional effort and AI strategy. But there aren't many resources to guide them on what their role should look like or ...