143 matches found
Chinese Hackers Abused Google Workspace Rules to Steal Research and Defense Emails
A China-linked espionage group hid inside North American medical, academic, and military research networks for more than a year, quietly stealing sensitive research and defense email. The way in was a backdoor on their REDCap research servers that stole login credentials. The exfiltration was the...
CISA Flags Actively Exploited n8n RCE Bug as 24,700 Instances Remain Exposed
The U.S. Cybersecurity and Infrastructure Security Agency CISA on Wednesday added a critical security flaw impacting n8n to its Known Exploited Vulnerabilities KEV catalog, based on evidence of active exploitation. The vulnerability, tracked as CVE-2025-68613 CVSS score: 9.9, concerns a case of...
Sendmarc Releases DMARCbis Fireside Chat Featuring Co-Editor Todd Herr
Wilmington, North America, 24th February 2026, CyberNewswire...
North Korean PurpleBravo Campaign Targeted 3,136 IP Addresses via Fake Job Interviews
As many as 3,136 individual IP addresses linked to likely targets of the Contagious Interview activity have been identified, with the campaign claiming 20 potential victim organizations spanning artificial intelligence AI, cryptocurrency, financial services, IT services, marketing, and software...
UAT-8837 targets critical infrastructure sectors in North America
Cisco Talos is closely tracking UAT-8837, a threat actor we assess with medium confidence is a China-nexus advanced persistent threat APT actor based on overlaps in tactics, techniques, and procedures TTPs with those of other known China-nexus threat actors. Based on UAT-8837's TTPs and...
CVE-2011-0859
Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS 9.0 Tax Update 11-B and 9.1 Tax Update 11-B allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Global Payroll - North America...
Attackers accelerate, adapt, and automate: Rapid7’s Q3 2025 Threat Landscape Report
The Q3 2025 Threat Landscape Report, authored by the Rapid7 Labs team, paints a clear picture of an environment where attackers are moving faster, working smarter, and using artificial intelligence to stay ahead of defenders. The findings reveal a threat landscape defined by speed, coordination,...
Sendmarc appoints Dan Levinson as Customer Success Director in North America
Wilmington, Delaware, 21st October 2025, CyberNewsWire...
EUVD-2019-11322
Malware in sbrugna...
EUVD-2024-54341
Malicious code in bioql PyPI...
EUVD-2025-24832
Malicious code in bioql PyPI...
EUVD-2025-24834
Malicious code in bioql PyPI...
EUVD-2024-54343
Malicious code in bioql PyPI...
Sendmarc appoints Rob Bowker as North American Region Lead
Wilmington, United States, 4th September 2025, CyberNewsWire...
$AutoGuardX$: a Comprehensive Cybersecurity Framework for Connected Vehicles
The rapid integration of Internet of Things IoT and interconnected systems in modern vehicles not only introduced a new era of convenience, automation, and connected vehicles but also elevated their exposure to sophisticated cyber threats. This is especially evident in US and Canada, where...
Chinese Hackers Murky, Genesis, and Glacial Panda Escalate Cloud and Telecom Espionage
Cybersecurity researchers are calling attention to malicious activity orchestrated by a China-nexus cyber espionage group known as Murky Panda that involves abusing trusted relationships in the cloud to breach enterprise networks. "The adversary has also shown considerable ability to quickly...
CVE-2025-27846
In ESPEC North America Web Controller 3 before 3.3.8, an attacker with physical access can gain elevated privileges because GRUB and the BIOS are unprotected...
CVE-2025-27847
In ESPEC North America Web Controller 3 before 3.3.8, /api/v4/auth/ users session privileges are not revoked on logout...
CVE-2025-27847
In ESPEC North America Web Controller 3 before 3.3.8, /api/v4/auth/ users session privileges are not revoked on logout...
CVE-2025-27845
In ESPEC North America Web Controller 3 before 3.3.4, /api/v4/auth/ with any invalid authentication request results in exposing a JWT secret. This allows for elevated permissions to the UI...