risks

Since 2016, a threat actor has been exploiting insecure plugins and themes to infect WordPress websites and redirect traffic to malicious websites.

Scammers are using Google ads to push fake versions of real websites – and they’re after business accounts and company data.

How the situation with ransomware attacks on companies has changed, and why paying a ransom has become an even worse and more useless idea in 2025.

Scammers are exploiting GetShared to bypass email security.

A vulnerability in Google OAuth allows attackers to access accounts of defunct organizations through abandoned domains.

A year after the ransomware attack on healthcare giant UnitedHealth Group, we’ve compiled all publicly available information about the incident and its aftermath.

$3 billion worth of damage to healthcare insurance giant, schools closed, soccer club players’ data leaked, and other ransomware incidents in 2024.

We look at the most notable supply-chain attacks of 2024.

What to do if you receive a text with a two-factor authentication code from a service you’ve never registered for.

A look at the biggest ransomware attacks of 2023.

The KeyTrap DoS attack, which can disable DNS servers with a single malicious packet exploiting a vulnerability in DNSSEC.

Why cybercriminals want to attack PR and marketing staff and, crucially, how to protect your company from financial and reputational harm.

Time to update Fortra GoAnywhere MFT: an exploit has been developed for a critical vulnerability that allows attackers to bypass authentication and create admin accounts.

Ethical hackers told 37C3 how they found a few eye-openers while breaking DRM to fix trains.

Google OAuth allows to create phantom Google accounts — uncontrollable by corporate Google Workspace administrators.

Why criminals want to hack your website, how they might use it in new attacks, and how to stop them.

We explain what OSINT is, why it has to be front-of-mind at all times, and how to guard against hackers using it.

How social engineering helped hack the CIA chief, hijack Elon Musk and Joe Biden’s Twitter accounts, and steal half-a-billion dollars.

What security aspects should be top-of-mind when implementing important changes in corporate IT infrastructure?

Low-code apps lower IT costs, but boost information security risks. How to mitigate them?

Social engineering in the spotlight: from classic tricks to new trends.