Alexander Culafi

CrowdStrike observed a 150% increase in China-nexus threat activity in 2024, according to the vendor's latest Global Threat Report.

According to new research from VulnCheck, 62 CVEs were mentioned in the Black Basta ransomware gang chat logs leaked last week.

In Dragos' 'Year in Review' report for 2025, the OT/ICS security vendor found that ransomware attacks against industrial organizations increased by 87%.

In an advisory published Wednesday, CISA warned in a joint cybersecurity advisory of ransomware attacks conducted by a group known as Ghost.

This podcast episode discusses the Chinese nation-state threat group Salt Typhoon and its ongoing activities against telecommunications providers.

Palo Alto Networks said PAN-OS authentication bypass vulnerability CVE-2025-0108 came under attack in the wild following publication of a PoC exploit.

Recorded Future observed Chinese nation-state threat group Salt Typhoon targeting Cisco devices belonging to telecom providers in December and January.

Fortinet on Tuesday disclosed another authentication bypass vulnerability. Tracked as CVE-2025-24472, it affects versions of FortiOS and FortiProxy.

Apple announced on Monday it patched a zero-day flaw in iPads and iPhones that could enable an attacker to disable the USB Restricted Mode security feature.

Cityworks, an EAM product from software maker Trimble, has a newly disclosed zero-day vulnerability that is capable of remote code execution.