Hackers Use Social Engineering to Target Expert on Russian Operations

Citizen Lab and Google uncovered a new, sophisticated cyberattack linked to Russian state actors that exploits App-Specific Passwords, bypassing Multi-Factor Authentication. Discover how to protect yourself from these evolving threats...

The US Grid Attack Looming on the Horizon

A major cyberattack on the US electrical grid has long worried security experts. Such an attack wouldn’t be easy. But if an adversary pulled it off, it’d be lights out in more ways than one...

StormWall Reveals India, China and US Faced Most DDoS Attacks in Q1 2025

Shift in cyberattack focus puts APAC region under growing pressure...

ConnectWise Hit by Cyberattack; Nation-State Actor Suspected in Targeted Breach

ConnectWise, the developer of remote access and support software ScreenConnect, has disclosed that it was the victim of a cyber attack that it said was likely perpetrated by a nation-state threat actor. "ConnectWise recently learned of suspicious activity within our environment that we believe wa...

Czech Republic Blames China-Linked APT31 Hackers for 2022 Cyberattack

The Czech Republic on Wednesday formally accused a threat actor associated with the People's Republic of China PRC of targeting its Ministry of Foreign Affairs. In a public statement, the government said it identified China as the culprit behind a malicious campaign targeting one of the...

Forget Perfect Prevention — Build Cyber Resilience Instead

Discover why shifting from cyberattack prevention to cyber resilience is the key to survival in today’s relentless cyberthreat landscape...

UK Legal Aid Agency Hit by Cyberattack, Sensitive Data Stolen

The UK Legal Aid Agency has suffered a major cyberattack, with “significant” sensitive data, including criminal records, stolen.…...

​​How the Microsoft Secure Future Initiative brings Zero Trust to life

In this blog, you'll learn more about how the Microsoft Secure Future Initiative SFI—a real-world case study on Zero Trust—aligns with Zero Trust strategies. We’ll share key updates from the April 2025 SFI progress report and practical Zero Trust guidance to help you strengthen your organization’...

Malicious npm Package Leverages Unicode Steganography, Google Calendar as C2 Dropper

Cybersecurity researchers have discovered a malicious package named "os-info-checker-es6" that disguises itself as an operating system information utility to stealthily drop a next-stage payload onto compromised systems. "This campaign employs clever Unicode-based steganography to hide its initia...

Explainable Machine Learning for Cyberattack Identification from Traffic Flows

The increasing automation of traffic management systems has made them prime targets for cyberattacks, disrupting urban mobility and public safety. Traditional network-layer defenses are often inaccessible to transportation agencies, necessitating a machine learning-based approach that relies sole...

UK Retail Giant Co-op Shuts Down IT Systems After Cyberattack Attempt

Retailer Acts Swiftly to Limit Threat as UK Retail Sector Faces Growing Digital Risks...

Scattered Spider Suspected in Major M&S Cyberattack

The cyberattack on Marks & Spencer M&S is linked to the notorious Scattered Spider group. Explore the severe…...

Reinforcing resilience with financial assurance: Breach protection matters now more than ever

Introducing Rapid7’s value-added Breach Protection Warranty that delivers confidence, clarity, and coverage when it matters most. Life’s old adage often applies in security: Hope for the best, prepare for the worst. In today’s threat landscape, even the best-prepared organizations can’t guarantee...

M&S Cyberattack Disrupts Contactless Payments and Click & Collect Services

Marks & Spencer M&S cyberattack disrupts contactless payments and Click & Collect; investigation launched as retailer apologises and…...

Xanthorox AI Surfaces on Dark Web as Full Spectrum Hacking Assistant

New Xanthorox AI hacking platform spotted on dark web with modular tools, offline mode, and advanced voice, image, and code-based cyberattack features...

Top 10 Passwords Hackers Use to Breach RDP – Is Yours at Risk?

Top 10 Passwords hackers use to breach RDP revealed! Weak credentials cause successful cyberattacks- check if yours is on the list and secure your system now...

A week in security (March 10 – March 16)

Last week on Malwarebytes Labs: Research on iOS apps shows widespread exposure of secrets Don’t let your kids on Roblox if you’re not comfortable, says Roblox CEO Update your iPhone now: Apple patches vulnerability used in "extremely sophisticated attacks" The dark side of sports betting: How...

Chinese Volt Typhoon Hackers Infiltrated US Electric Utility for Nearly a Year

Dragos reveals Volt Typhoon hackers infiltrated a US electric utility for 300 days, collecting sensitive data. Learn how this cyberattack threatens infrastructure...

What Really Happened With the DDoS Attacks That Took Down X

Elon Musk said a “massive cyberattack” disrupted X on Monday and pointed to “IP addresses originating in the Ukraine area” as the source of the attack. Security experts say that's not how it works...

Musk Blames X (Twitter) Outage on Cyberattack, Links It to Ukraine

Elon Musk has confirmed a massive cyberattack on his social media platform, X once Twitter, causing widespread technical…...