Clickjacking has long been considered a “dumb” attack in the cybersecurity world. Traditionally, it involves placing an invisible frame over a legitimate website to trick…
Critical vulnerability has been added to CISA’s Known Exploited Vulnerabilities list, warning organizations about a dangerous file-upload flaw in OpenPLC ScadaBR systems. The vulnerability allows…
A comprehensive phishing operation began targeting Indian companies in November 2025 by impersonating the Income Tax Department of India. The campaign employed remarkably authentic government…
Cybercriminals have discovered a clever way to slip malware onto job seekers’ computers by disguising malicious files as legitimate recruitment documents. A new campaign called…
Arizona Attorney General Kris Mayes has announced a lawsuit against the popular Chinese e-commerce retailer Temu, accusing the company of stealing vast amounts of customer…
Lazarus Group’s Famous Chollima unit has been caught “live on camera” running its remote IT worker scheme, after researchers funneled its operatives into fake laptops…
Multiple critical zero‑day vulnerabilities in PickleScan, a popular open‑source tool used to scan machine learning models for malicious code. PickleScan is widely used in the AI…
A critical HTTP request smuggling vulnerability in Akamai’s edge server infrastructure has been successfully fixed. The vulnerability, identified as CVE-2025-66373, stemmed from improper processing of…
A new information stealer called Sryxen has emerged in the underground malware market, targeting Windows systems with advanced techniques to harvest browser credentials and sensitive…
A sophisticated phishing toolkit known as Evilginx is empowering attackers to execute advanced attacker-in-the-middle (AiTM) campaigns with alarming success. These attacks are engineered to steal…
A critical security vulnerability has been discovered in Vim for Windows that could allow attackers to execute malicious code on users’ computers. The vulnerability, identified…
Legitimate administrative tools are increasingly becoming the weapon of choice for sophisticated threat actors aiming to blend in with normal network activity. A recent campaign…
