The head of counterintelligence for a division of the Russian Federal Security Service (FSB) was sentenced last week to nine years in a penal...

For nearly a dozen years, residents of South Carolina have been kept in the dark by state and federal investigators over who was responsible for...

The U.S. government is warning that smart locks securing entry to an estimated 50,000 dwellings nationwide contain hard-coded credentials that can...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said today it is investigating a breach at business intelligence company Sisense,...

On April 9, Twitter/X began automatically modifying links that mention "twitter.com" to redirect to "x.com" instead. But over the past 48 hours,...

If only Patch Tuesdays came around infrequently -- like total solar eclipse rare -- instead of just creeping up on us each month like The Man in...

A cybercrook who has been setting up websites that mimic the self-destructing message service Privnote.com accidentally exposed the breadth of...

Roughly nine years ago, KrebsOnSecurity profiled a Pakistan-based cybercrime group called "The Manipulaters," a sprawling web hosting network of...

Thread hijacking attacks. They happen when someone you know has their email account compromised, and you are suddenly dropped into an existing...

Several Apple customers recently reported being targeted in elaborate phishing attacks that involve what appears to be a bug in Apple's password...

2.5 million people were affected, in a breach that could spell more trouble down the line.

Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool.

Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system.

Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group.

Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed.

Twitter is blasted for security and privacy lapses by the company’s former head of security who alleges the social media giant’s actions amount to ...

CISA is warning that Palo Alto Networks’ PAN-OS is under active attack and needs to be patched ASAP.

Fake travel reservations are exacting more pain from the travel weary, already dealing with the misery of canceled flights and overbooked hotels.

Separate fixes to macOS and iOS patch respective flaws in the kernel and WebKit that can allow threat actors to take over devices and are under...

An insufficient validation input flaw, one of 11 patched in an update this week, could allow for arbitrary code execution and is under active attack.