How to tame ransomware gangs’ top 5 favorite scripting engines
Securing your systems means mastering the tricky task of making scripting engines easy for your admins to use, and hard…
5 minutes
Pieter Arntz
Update now! November Patch Tuesday tackles 4 zero-days, two actively exploited
Microsoft’s November Patch Tuesday includes fixes for 89 vulnerabilities in total.
3 minutes
How the Black Basta ransomware gang hides Cobalt Strike beacons with PowerShell
Ransomware gangs love PowerShell.
4 minutes
Ransomware review: November 2024
In October 2024 we recorded a total of 575 ransomware victims, a new high for this year.
2 minutes
Why ransomware gangs want you to keep using that GPON router
A vulnerability found in 2018 is ranked #6 on the list of most attacked vulnerabilities.
2 minutes
Exchange Server 2016 and 2019 have less than a year to live
On October 14, 2025, Exchange Server 2016 and Exchange Server 2019 reach end of support.
2 minutes
How threat actors use AI
OpenAI has published an update on some of the criminal campaigns it has identified and disrupted.
2 minutes
Patch now! Palo Alto Expedition vulnerabilities could leak firewall credentials
A set of vulnerabilities in Palo Alto Networks Expedition could allow an attacker to read database contents and arbitrary files
2 minutes
Update now! Five zero-days fixed October Patch Tuesday
Microsoft’s October Patch Tuesday covers five zero-days, two of which are being actively exploited.
2 minutes
Ransomware insurance is funding cybercrime, says White House official
"This is a troubling practice that must end."
2 minutes
Zimbra SMTP vulnerability is being exploited in numbers
The flaw can be exploited by sending an email with a specially crafted CC field.
1 minute
A visit to a print shop put a password stealer on a co-worker’s laptop
Old-school malware distribution methods have a habit of hanging around long after people stop talking about them.
2 minutes
Watch out! Mobidash Android adware spread through phishing and online links
ThreatDown has uncovered a new campaign spreading the MobiDash adware for Android.
1 minute
Hybrid cloud environments are not safe from ransomware
A ransomware affiliate has been found compromising hybrid cloud environments.
3 minutes
Android’s Rusty new code shakes off huge number of memory-safe vulnerabilities
Google has dramatically reduced the number of serious memory safety vulnerabilities in Android by shifting to memory-safe languages.
2 minutes
North Korean IT workers—or how not to solve the IT staff shortage
North Korea has been infiltrating organizations using IT workers with fake identities.
3 minutes
Ivanti patches admin bypass for Cloud Services Appliance
Ivanti has released a security advisory for a critical vulnerability in Ivanti CSA 4.6 which is being actively exploited.
2 minutes
Windows MSHTML vulnerability actively exploited
CISA has added another MSHTML vulnerability rooted in Internet Explorer to its known exploited vulnerabilities catalog
1 minute
Microsoft might kick security vendors out of the Windows kernel
Reducing kernel-level access could undermine security vendors' ability to protect systems effectively.
1 minute
Update now! Four zero-days fixed in September Patch Tuesday
Microsoft’s September Patch Tuesday covers 79 Microsoft CVEs and includes four actively exploited zero-days.
2 minutes
Cybercrime Has Gone Machine-Scale
AI is automating malware faster than security can adapt.
Get the facts Read the 2026 State of Malware