Apple on Tuesday released security updates for its entire software portfolio, including a fix for a vulnerability...
Google Launches DBSC Open Beta in Chrome and Enhances Patch Transparency via Project Zero
3 min read
Google has announced that it's making a security feature called Device Bound Session Credentials (DBSC) in open...
Threat actors have been observed exploiting a now-patched critical SAP NetWeaver flaw to deliver the Auto-Color backdoor...
Scattered Spider Hacker Arrests Halt Attacks, But Copycat Threats Sustain Security Pressure
3 min read
Google Cloud's Mandiant Consulting has revealed that it has witnessed a drop in activity from the notorious...
Cybersecurity researchers have disclosed a now-patched critical security flaw in a popular vibe coding platform called Base44...
PyPI Warns of Ongoing Phishing Campaign Using Fake Verification Emails and Lookalike Domain
2 min read
The maintainers of the Python Package Index (PyPI) repository have issued a warning about an ongoing phishing...
A newly emerged ransomware-as-a-service (RaaS) gang called Chaos is likely made up of former members of the...
Until recently, the cyber attacker methodology behind the biggest breaches of the last decade or so has...
Cybercriminals Use Fake Apps to Steal Data and Blackmail Users Across Asia’s Mobile Networks
6 min read
Cybersecurity researchers have discovered a new, large-scale mobile malware campaign that's targeting Android and iOS platforms with...
React conquered XSS? Think again. That's the reality facing JavaScript developers in 2025, where attackers have quietly...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity security vulnerability impacting PaperCutNG/MF...
In what's the latest instance of a software supply chain attack, unknown threat actors managed to compromise...
⚡ Weekly Recap — SharePoint Breach, Spyware, IoT Hijacks, DPRK Fraud, Crypto Drains and More
23 min read
Some risks don’t breach the perimeter—they arrive through signed software, clean resumes, or sanctioned vendors still hiding...
Picture this: you’ve hardened every laptop in your fleet with real‑time telemetry, rapid isolation, and automated rollback....
Scattered Spider Hijacks VMware ESXi to Deploy Ransomware on Critical U.S. Infrastructure
3 min read
The notorious cybercrime group known as Scattered Spider is targeting VMware ESXi hypervisors in attacks targeting retail,...
Critical Flaws in Niagara Framework Threaten Smart Buildings and Industrial Systems Worldwide
4 min read
Cybersecurity researchers have discovered over a dozen security vulnerabilities impacting Tridium's Niagara Framework that could allow an...
U.S. Sanctions Firm Behind N. Korean IT Scheme; Arizona Woman Jailed for Running Laptop Farm
3 min read
The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) sanctioned a North Korean front...
The threat actor known as Patchwork has been attributed to a new spear-phishing campaign targeting Turkish defense...
Russian aerospace and defense industries have become the target of a cyber espionage campaign that delivers a...
Threat hunters have disclosed two different malware campaigns that have targeted vulnerabilities and misconfigurations across cloud environments...
