Threats Archives

Safe Mode

Allie Bohan on how to handle the non-technical side of a ransomware attack

FTI Consulting’s Allie Bohan

3 days ago By CyberScoop Staff

Nation-state groups hit hundreds of organizations with Microsoft Windows zero-day

Trend Micro researchers discovered and reported the eight-year-old defect to Microsoft six months ago. The company hasn’t made any commitments to patch or remediate the issue.

3 days ago By Matt Kapko

Six additional countries identified as suspected Paragon spyware customers

Researchers found suspected Graphite deployments in Australia, Canada, Cyprus, Denmark, Israel and Singapore.

4 days ago By Tim Starks

A picture of a toll booth in New Jersey. Scammers have been sending text messages about unpaid toll violations. (Getty Images)

Who is sending those scammy text messages about unpaid tolls?

The latest smishing scam follows a familiar process as ones the industry has seen over the past decade.

Mar 17, 2025 By Matt Kapko

In this picture taken near the truce village of Panmunjom inside the demilitarized zone (DMZ) separating the two Koreas, a bird flies near a North Korean flag fluttering in the wind at the propaganda village of Gijungdong in North Korea on October 4, 2022. (Photo by ANTHONY WALLACE/AFP via Getty Images)

Lazarus Group deceives developers with 6 new malicious npm packages

Socket researchers said the malware-ridden packages were collectively downloaded over 330 times. GitHub removed all of the malicious packages Wednesday.

Mar 12, 2025 By Matt Kapko

A view of the Microsoft corporate logo in front of the Microsoft Office building on 41st street and 8th avenue on July 19, 2024 in New York City. (Photo by Craig T Fruchtman/Getty Images)

Microsoft patches 57 vulnerabilities, including 6 zero-days

More than three-quarters of the vulnerabilities covered in the vendor’s monthly Patch Tuesday update are high-severity flaws.

Mar 11, 2025 By Matt Kapko

The Apple logo is seen on a window of the company’s store in Bangkok on March 5, 2021. (Photo by Mladen ANTONOV / AFP) (Photo by MLADEN ANTONOV/AFP via Getty Images)

Apple discloses zero-day vulnerability, releases emergency patches

Apple released emergency software patches Tuesday that address a newly identified zero-day vulnerability in the company’s WebKit web browser engine. Tracked as CVE-2025-24201, an attacker can potentially…

Mar 11, 2025 By Greg Otto

External researchers can’t determine the originating IP addresses for the flood of malicious traffic that hit X’s servers without direct access to X’s systems. (Photo by KIRILL KUDRYAVTSEV/AFP via Getty Images)

X suffered a DDoS attack. Its CEO and security researchers can’t agree on who did it.

X’s wave of outages resembled a DDoS attack and Dark Storm Team, a prolific threat group specializing in such attacks, claimed responsibility.

Mar 11, 2025 By Matt Kapko

U.S. Postal Service (USPS) trucks are parked at a post office on Aug. 23 in Glendale, California. (Photo by Mario Tama/Getty Images)

Ransomware poseurs are trying to extort businesses through physical letters

The FBI is warning business leaders about the scam perpetrated by an unidentified threat group.

Mar 7, 2025 By Matt Kapko

Silk Typhoon shifted to specifically targeting IT management companies

The Chinese state-backed espionage group started targeting third-party IT services in late 2024, Microsoft researchers said.

Mar 6, 2025 By Matt Kapko