Cybersecurity researchers at Datadog have uncovered a sophisticated adversary-in-the-middle phishing campaign targeting organizations that use Microsoft 365 and Okta for single sign-on authentication. The campaign…
When Team Expansion Becomes a Matter of Survival Imagine this: you’re launching a new product in three months, and two of your senior developers unexpectedly…
Notepad++ fixed updater bugs that allowed malicious update hijacking Pierluigi Paganini December 12, 2025 Notepad++ addressed an updater vulnerability that allows attackers hijack update traffic…
A comprehensive security analysis has uncovered a critical vulnerability in container image distribution: more than 10,000 Docker Hub images containing leaked production credentials from over…
A critical privilege escalation vulnerability in Microsoft Windows Cloud Files Mini Filter Driver is now under active exploitation, according to a new Cybersecurity and Infrastructure…
Security researchers have successfully extracted firmware from a cheap JieLi-based smartwatch by reviving an obscure 2000s attack technique that transmits sensitive data through display pixels.…
A new Android malware locks device screens and demands that users pay a ransom to keep their data from being deleted. Dubbed “DroidLock” by Zimperium…
The Department of Justice is suing Fulton County, Georgia and its election clerk over the county’s refusal to hand over voter records, part of a…
The Cybersecurity and Infrastructure Security Agency has released critical guidance on managing UEFI Secure Boot configurations across enterprise systems. The comprehensive advisory addresses growing concerns…
New research from Kaspersky has mapped the complete lifecycle of data stolen during phishing attacks, revealing a sophisticated “shadow market conveyor belt” where victim information…
Cybersecurity researchers are calling attention to a new campaign that’s leveraging GitHub-hosted Python repositories to distribute a previously undocumented JavaScript-based Remote Access Trojan (RAT) dubbed…
MITRE has released its annual Common Weakness Enumeration (CWE) Top 25 Most Dangerous Software Weaknesses list for 2025, identifying the most critical vulnerabilities affecting software development worldwide.…
