Threats Archives

The Chinese national flag flies outside the Ministry of Foreign Affairs in Beijing on July 26, 2023. (Photo by GREG BAKER/AFP via Getty Images)

China-backed espionage group hits Ivanti customers again

UNC5221 has a knack for exploiting defects in Ivanti products. The group has exploited at least four vulnerabilities in the vendor’s products since 2023, according to Mandiant.

3 hours ago By Matt Kapko

International intelligence agencies raise the alarm on fast flux

The NSA and its partners want organizations to protect themselves against the technique, which can be tough to spot.

8 hours ago By Greg Otto

WASHINGTON, DC – APRIL 01: Retired Lt. Gen. Dan Caine, President Trump’s nominee to be Chairman of the Joint Chiefs of Staff, testifies during his Senate Armed Services Committee confirmation hearing on April 01, 2025 in Washington, DC. Caine, a retired Air Force General, was nominated by President Trump in February after Trump fired former Chairman Gen. Charles Q. Brown. (Photo by Win McNamee/Getty Images)

Cybercom discovered Chinese malware in South American nations — Joint Chiefs chairman nominee

So-called hunt forward operations by U.S. Cyber Command have uncovered Chinese malware implanted in Latin American nations, according to retired Lt. Gen. Dan "Razin" Caine.

2 days ago By Mark Pomerleau

Renew — but improve — billion-dollar cyber grant program to states and locals, House witnesses say

The program faces a number of challenges before it is set to expire, during a time where state and local governments face a bevy of cyber risks…

2 days ago By Tim Starks

Identity lapses ensnared organizations at scale in 2024

Cisco Talos observed identity-based attacks in 60% of the incidents it responded to last year.

2 days ago By Matt Kapko

The money earned by remote North Korean IT workers is funding the North Korean weapons programs. (Getty Images)

The North Korea worker problem is bigger than you think

The yearslong scheme goes much deeper than contract work, extending to roles beyond traditional IT and sometimes granting the insider threat “keys to the kingdom,” DTEX President…

3 days ago By Matt Kapko

chrome extension — (Stephen Shankland / Flickr)

Browser extension sales, updates pose hidden threat to enterprises

Some browser extension permissions are too broad, and owners can quickly repurpose pre-approved capabilities for malicious intent, a security researcher told CyberScoop.

Mar 27, 2025 By Matt Kapko

String of defects in popular Kubernetes component puts 40% of cloud environments at risk

Researchers aren’t aware of active exploitation in the wild, but they warn the risk for publicly exposed and unpatched Ingress Nginx controllers is extremely high.

Mar 26, 2025 By Matt Kapko

Traffic streaks past the Department of Justice (DOJ) headquarters building late in the evening on May 18, 2024 in Washington, DC. (Photo by J. David Ake/Getty Images)

Canadian citizen allegedly involved in Snowflake attacks consents to extradition to US

Connor Moucka, a 26-year-old arrested at the behest of U.S. authorities in October in Kitchener, Ontario, faces 20 federal charges.

Mar 24, 2025 By Matt Kapko

Safe Mode

Allie Bohan on how to handle the non-technical side of a ransomware attack

FTI Consulting’s Allie Bohan

Mar 20, 2025 By CyberScoop Staff