BeyondTrust warns of critical RCE flaw in remote support software

BeyondTrust warned customers to patch a critical security flaw in its Remote Support (RS) and Privileged Remote Access (PRA) ...

Microsoft: Exchange Online flags legitimate emails as phishing

Microsoft is investigating an ongoing Exchange Online issue that mistakenly flags legitimate emails as phishing and ...

Chinese cyberspies breach Singapore's four largest telcos

The Chinese threat actor tracked as UNC3886 breached Singapore's four largest telecommunication service providers, Singtel, ...

European Commission discloses breach that exposed staff data

The European Commission is investigating a breach after finding evidence that its mobile device management platform was ...

Hackers breach SmarterTools network using flaw in its own software

SmarterTools confirmed last week that the Warlock ransomware gang breached its network after compromising an email system, but did not impact business applications or account data.

Password guessing without AI: How attackers build targeted wordlists

Attackers don't need AI to crack passwords, they build targeted wordlists from an organization's own public language. This article explains how tools like CeWL turn websites into high-success password ...

Men charged in FanDuel scheme fueled by thousands of stolen identities

Two Connecticut men face federal charges for allegedly defrauding FanDuel and other online gambling sites of $3 million over several years using the stolen identities of approximately 3,000 victims.

New tool blocks imposter attacks disguised as safe commands

A new open-source and cross-platform tool called Tirith can detect homoglyph attacks over command-line environments by ...

State actor targets 155 countries in 'Shadow Campaigns' espionage op

A new state-aligned cyberespionage threat group tracked as TGR-STA-1030/UNC6619, has conducted a global-scale operation ...

Payments platform BridgePay confirms ransomware attack behind outage

A major U.S. payment gateway and solutions provider says a ransomware attack has knocked key systems offline, triggering a ...

CISA orders federal agencies to replace end-of-life edge devices

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a new binding operational directive requiring ...

Microsoft to shut down Exchange Online EWS in April 2027

Microsoft announced today that the Exchange Web Services (EWS) API for Exchange Online will be shut down in April 2027, after ...