Collaborate Disseminate
Cisco has yet to release a patch for the actively exploited vulnerability, and attacks have been underway since at least late November.
The post Cisco customers hit by fresh wave of zero-day attacks from China-linked APT appeared first on CyberScoop.
Continue reading Cisco customers hit by fresh wave of zero-day attacks from China-linked APT
Attacker interest in the vulnerability is magnified by an unparalleled number of publicly available exploits, earning the defect the highest verified public exploit count of any CVE ever.
The post React2Shell fallout spreads to sensitive targets as public exploits hit all-time high appeared first on CyberScoop.
Researchers said attackers linked to Russia’s military intelligence agency have moved from vulnerability exploits to focus on poorly configured network edge devices to keep its access to target networks.
The post Amazon warns that Russia’s Sandworm has shifted its tactics appeared first on CyberScoop.
Continue reading Amazon warns that Russia’s Sandworm has shifted its tactics
The federal government contractor admits it made multiple mistakes in the hiring and firing of Muneeb and Sohaib Akhter.
The post Opexus claims background checks missed red flags on twins accused of insider breach appeared first on CyberScoop.
Continue reading Opexus claims background checks missed red flags on twins accused of insider breach
Researchers warn that half of the exposed vulnerable instances remain unpatched as in-the-wild exploitation grows rapidly.
The post Attacks pinned to critical React2Shell defect surge, surpass 50 confirmed victims appeared first on CyberScoop.
Continue reading Attacks pinned to critical React2Shell defect surge, surpass 50 confirmed victims
Microsoft closed out the year with 1,139 total defects patched, making it the second-largest year in volume behind 2020, according to Trend Micro.
The post Microsoft’s last Patch Tuesday of 2025 addresses 57 defects, including one zero-day appeared first on CyberScoop.
Continue reading Microsoft’s last Patch Tuesday of 2025 addresses 57 defects, including one zero-day
Mohammad Bagher Shirinkar and Fatemeh Sedighian Kashi are accused of maintaining a close relationship planning and conducting cyberattacks of interest to the Iranian government.
The post Officials offer $10M reward for information on IRGC-linked leader and close associate appeared first on CyberScoop.
Payments declined one-third to $734M, yet the number of victims confronting ransomware still remains a largely unchanged epidemic, sliding just 2% last year.
The post Is ransomware finally on the decline? Treasury data offers cautious hope appeared first on CyberScoop.
Continue reading Is ransomware finally on the decline? Treasury data offers cautious hope
Muneeb and Sohaib Akhter previously pleaded guilty to hacking into the State Department and other cybercrimes in 2015.
The post Twins with hacking history charged in insider data breach affecting multiple federal agencies appeared first on CyberScoop.
The open-source code library is one of the most extensively used application frameworks. Wiz found vulnerable versions in around 39% of cloud environments.
The post Developers scramble as critical React flaw threatens major apps appeared first on CyberScoop.
Continue reading Developers scramble as critical React flaw threatens major apps