⚡ Weekly Recap: APT Intrusions, AI Malware, Zero-Click Exploits, Browser Hijacks and More
19 min read
If this had been a security drill, someone would’ve said it went too far. But it wasn’t...
Cybersecurity researchers have discovered a new cryptojacking campaign that's targeting publicly accessible DevOps web servers such as...
Three security vulnerabilities have been disclosed in preloaded Android applications on smartphones from Ulefone and Krüger&Matz that...
Qualcomm has shipped security updates to address three zero-day vulnerabilities that it said have been exploited in...
Cybersecurity researchers have warned of a new spear-phishing campaign that uses a legitimate remote access tool called...
The evolution of cyber threats has forced organizations across all industries to rethink their security strategies. As...
Two information disclosure flaws have been identified in apport and systemd-coredump, the core dump handlers in Ubuntu,...
A multinational law enforcement operation has resulted in the takedown of an online cybercrime syndicate that offered...
A new malware campaign is distributing a novel Rust-based information stealer dubbed EDDIESTEALER using the popular ClickFix...
The China-linked threat actor behind the recent in-the-wild exploitation of a critical security flaw in SAP NetWeaver...
Breaking Out of the Security Mosh Pit
When Jason Elrod, CISO of MultiCare Health System, describes legacy healthcare...
The U.S. Department of Treasury's Office of Foreign Assets Control (OFAC) has levied sanctions against a Philippines-based...
ConnectWise, the developer of remote access and support software ScreenConnect, has disclosed that it was the victim...
Meta on Thursday revealed that it disrupted three covert influence operations originating from Iran, China, and Romania...
Fake installers for popular artificial intelligence (AI) tools like OpenAI ChatGPT and InVideo AI are being used...
Cybersecurity researchers have taken the wraps off an unusual cyber attack that leveraged malware with corrupted DOS...
Google on Wednesday disclosed that the Chinese state-sponsored threat actor known as APT41 leveraged a malware called...
The threat actors behind the DragonForce ransomware gained access to an unnamed Managed Service Provider's (MSP) SimpleHelp...
Over 100,000 WordPress Sites at Risk from Critical CVSS 10.0 Vulnerability in Wishlist Plugin
2 min read
Cybersecurity researchers have disclosed a critical unpatched security flaw impacting TI WooCommerce Wishlist plugin for WordPress that...
Stealer malware no longer just steals passwords. In 2025, it steals live sessions—and attackers are moving faster...
