Phantom Taurus has stolen sensitive data from ministries of foreign affairs, embassies, diplomats and telecom networks in the Middle East, Africa and Asia, researchers said.

The agency, which issued an emergency directive to federal agencies Thursday, said it took months to determine the root cause and mitigate the activity.

The group, linked to FSB Center 16, has been scanning the internet for end-of-life software, which it has found in droves.

A researcher tells CyberScoop that up to 80% of enterprises could be vulnerable to the zero-day Microsoft patched in its June update.

The besieged security vendor maintains the latest exploited vulnerabilities in its products are entirely linked to unspecified security issues in open-source libraries. Some researchers aren’t buying it.

The successful break-up of DanaBot marks the second high-profile law enforcement disruption of a widespread malware operation in as many days.

Exploited vulnerabilities have turned up in Ivanti products 16 times since 2024. That’s more than any other vendor in the network edge device space.

UNC5221 has a knack for exploiting defects in Ivanti products. The group has exploited at least four vulnerabilities in the vendor’s products since 2023, according to Mandiant.

Researchers at Black Lotus Labs have uncovered an operation where a back door is dropped onto enterprise-grade Juniper Networks routers and listens for specific network signals, known…

A report from Trend Micro details the highly sophisticated ways Salt Typhoon carries out its operations.