Cisco Talos observed identity-based attacks in 60% of the incidents it responded to last year.

The yearslong scheme goes much deeper than contract work, extending to roles beyond traditional IT and sometimes granting the insider threat “keys to the kingdom,” DTEX President…

Some browser extension permissions are too broad, and owners can quickly repurpose pre-approved capabilities for malicious intent, a security researcher told CyberScoop.

Researchers aren’t aware of active exploitation in the wild, but they warn the risk for publicly exposed and unpatched Ingress Nginx controllers is extremely high.

The software defect in the widely used open-source JavaScript framework allows attackers to bypass middleware-based authorization.

Trend Micro researchers discovered and reported the eight-year-old defect to Microsoft six months ago. The company hasn’t made any commitments to patch or remediate the issue.

Inexpensive information-stealing malware surged in 2024, infecting 23 million hosts, according to Flashpoint.

Socket researchers said the malware-ridden packages were collectively downloaded over 330 times. GitHub removed all of the malicious packages Wednesday.

The Chinese state-backed espionage group started targeting third-party IT services in late 2024, Microsoft researchers said.

Ransomware groups last year achieved lateral movement within an average of 48 minutes after gaining initial access to targeted environments, threat intelligence experts said.