SMB

Researchers have found several vulnerabilities in the Sitecore CMS platform that enable unauthenticated remote code execution (RCE).

Researchers have found a vulnerability that allows attackers to get root privileges on most Linux distributions.

Internet Explorer sends its regards: a vulnerability in the HTTP protocol extension allows attackers to run malicious code — even on a modern operating system.

Since 2016, a threat actor has been exploiting insecure plugins and themes to infect WordPress websites and redirect traffic to malicious websites.

A popular password manager was modified to allow attackers to steal passwords and encrypt users’ data. How to protect home computers and corporate systems from this threat?

This post examines a hybrid email-and-phone scam in which attackers send emails from a genuine Microsoft email address.

Scammers are using Google ads to push fake versions of real websites – and they’re after business accounts and company data.

We explore how cybercriminals are targeting IT specialists searching for a popular network scanner, using the Interlock ransomware attack as an example.

How the situation with ransomware attacks on companies has changed, and why paying a ransom has become an even worse and more useless idea in 2025.

An infection tactic called ClickFix is becoming increasingly popular among cybercriminals. We explain how such attacks work and how to protect your company against it.

Popular AI code assistants try to call non-existent libraries. But what happens if attackers actually create them?

Archives are being used in targeted phishing and other attacks on organizations. What tools, settings, and policies can mitigate the threat?

Scammers are exploiting GetShared to bypass email security.

Attackers use the polyglot technique to disguise malware. We explain what it is and how to protect your company against attacks.

Fending off ransomware attacks that exploit corporate IoT devices.

How and why we deploy artificial intelligence in our SIEM system.

Our technologies have helped to detect the zero-day vulnerability CVE-2025-2783 in Google Chrome, which was used in a sophisticated APT attack.

Cybercriminals behind the Fog ransomware publish leaked data along with the IP addresses of attacked computers.

How to respond to a compromised GitHub changed-files Action incident.

Microsoft’s March Patch Tuesday fixes several vulnerabilities that have already been used in the wild. Details are not clear at the moment, but it’s worth installing the patches ASAP.

We’ve added technology that checks QR codes in emails for phishing links.