The spy agency has been exploiting an old vulnerability that allows bad actors to gain access through Simple Network Management Protocol (SNMP) credentials.
The new malware loads the Aurora infostealer and can avoid being executed in virtual machines or sandboxes for analysis.
The APT29 espionage campaign is ongoing and the Polish military is urging potential targets to mitigate the risk.
A critical flaw in Microsoft Message Queuing Service is likely to be exploited as many organisations could be unaware that it is active.
With the two new services, Google aims to help minimise risk from malicious code in the software supply chain.
The threat group MERCURY has the ability to move from on-premises to cloud Microsoft Azure environments.
Admins unable to update to the patched ThingsBoard version can manually change the default signing key.
Some of the vulnerabilities could allow attackers to access systems with ease. Patches are not available for all the flaws.
Researchers say the recently discovered strain raises the bar by automating some intrusion processes and moving very quickly compared to other attacks.
The Rilide malware tricks victims into revealing their second-factor authentication to withdraw cryptocurrency in the background.
Spyware vendors use a combination of zero-day exploits and known vulnerabilities. Google TAG researchers urge faster patching of mobile devices.
Winter Vivern's campaign shows that threat actors can effectively take advantage of medium-severity vulnerabilities.
The APT43 group is highly adept at using social engineering to target individuals and extract sensitive information.
The vulnerability could allow unauthenticated administrative takeover of websites. WooCommerce has released an update.
The new malware loader can give attackers remote access and the ability to deliver other payloads.