SecurityWeek

New Paper and Tool Help Security Teams Move Beyond Blind Reliance on CISA’s KEV Catalog

The cybersecurity of business is not the function of CISA. CISA’s remit is to raise the security of FECB agencies, and KEV is ...

DOJ says Trenchant boss sold exploits to Russian broker capable of accessing ‘millions of computers and devices’

The former boss of the L3Harris-owned hacking and surveillance tools maker Trenchant faces nine years in prison for selling several exploits to a Russian broker, which counts the Russian government ...

Microsoft says hackers are exploiting critical zero-day bugs to target Windows and Office users

Critical security flaws targeting Windows and Office users allow hackers to take complete control of a victim's computer by ...

Microsoft fixes Notepad flaw that could trick users into clicking malicious Markdown links

Microsoft has fixed a serious security vulnerability affecting Markdown files in Notepad. In the company’s Tuesday patch ...
The Hacker News

TeamPCP Worm Exploits Cloud Infrastructure to Build Criminal Infrastructure

Worm-driven TeamPCP campaign exploits Docker, Kubernetes, Redis, Ray, and React2Shell to build proxy infrastructure for data theft and ransomware.
MIT Technology Review

AI is already making online crimes easier. It could get much worse.

Some cybersecurity researchers say it’s too early to worry about AI-orchestrated cyberattacks. Others say it could already be ...

Microsoft’s February Patch Tuesday Fixes 6 Zero-Days Under Attack

Microsoft patches 58 vulnerabilities, including six actively exploited zero-days across Windows, Office, and RDP, as CISA sets a March 3 deadline.

ATM Malware Scheme Allegedly Stole Millions With Nothing But A Thumb Drive

A federal indictment reveals a coordinated ATM scheme spanning the country, with suspects using an unusually simple tactic to ...