Kejia Wang and Zhenxing Wang established shell companies and hosted laptop farms to help operatives obtain jobs at more than 100 U.S. companies.

The National Vulnerability Database will now only analyze vulnerabilities in critical software, systems used in the federal government and those under active exploitation.

The vendor disclosed one actively exploited zero-day vulnerability in Microsoft Office SharePoint that allows attackers to view information and make changes to disclosed information.

The social engineering campaign spiked last month and has targeted dozens of organizations since May 2025, according to ReliaQuest.

The company said a developer tool automatically retrieved a malicious version of the popular open-source library, but insists the integrity of its systems and software were not…

Censys researchers warned that thousands of devices are exposed to the Iranian government’s campaign targeting energy, water, and U.S. government services and facilities.

FBI cyber chief Brett Leatherman told CyberScoop the Russian GRU campaign was unique in how it could propagate from routers to beyond.

Access Now, Lookout and SMEX joined research forces to find a campaign involving suspected Indian government-connected group Bitter, ProSpy spyware and more.

Forest Blizzard, a threat group attributed to Russia’s GRU, hijacked network traffic to steal credentials and tokens for Microsoft accounts and other services.

Iranian government hackers are launching disruptive cyberattacks on American energy and water infrastructure, U.S. government agencies “urgently” warned Tuesday. The hackers are taking aim at devices and…