Microsoft Defender researchers have exposed a sophisticated adversary-in-the-middle (AiTM) phishing campaign targeting energy sector organizations through SharePoint file-sharing abuse. The multi-stage attack compromised multiple user…
Microsoft has unveiled the public preview of WinApp CLI (winapp), a new open-source command-line tool designed to simplify Windows app development for developers using diverse…
Active exploitation of a critical authentication bypass vulnerability in the GNU InetUtils telnetd server (CVE-2026-24061) has been observed in the wild, allowing unauthenticated attackers to…
Microsoft gave U.S. federal agents the digital keys needed to unlock three encrypted laptops linked to a massive COVID unemployment scam in Guam. This case…
Best Data Security Companies In 2026, data has become the most valuable asset for businesses and the most targeted. With rising ransomware attacks, insider threats,…
The ShinyHunters extortion gang claims it is behind a wave of ongoing voice phishing attacks targeting single sign-on (SSO) accounts at Okta, Microsoft, and Google,…
A federal judge in Minnesota ruled last Saturday that Immigration and Customs Enforcement (ICE) agents violated the Fourth Amendment after they forcibly entered a Minnesota…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added five enterprise software flaws to its Known Exploited Vulnerabilities (KEV) Catalog in an 18-hour span.…
149 million stolen usernames and passwords for TikTok, Disney+, Netflix, Roblox, and crypto wallets were found online without any security authentication. Learn about the latest…
The United States’ Cybersecurity Information Sharing Act of 2015 – CISA 2015 – which came within a hair’s breadth of lapsing for good at the…
Microsoft is launching a new security feature designed to protect Teams users from fraudulent external callers impersonating trusted organizations. The Brand Impersonation Protection for Teams…
A sophisticated macOS infostealer campaign that leverages deceptive ClickFix-style social engineering to distribute MacSync, a Malware-as-a-Service (MaaS) credential-stealing tool targeting cryptocurrency users. The attack chain begins…
