The decentralized finance sector witnessed a devastating breach targeting Yearn Finance’s yETH pool, resulting in the theft of approximately $9 million on November 30, 2025.…
A serious privilege escalation vulnerability in K7 Ultimate Security, an antivirus product from K7 Computing, was found by abusing named pipes with overly permissive access…
A significant supply chain security breach has emerged with the discovery of Shai-Hulud 2.0, a sophisticated malware that has compromised over 30,000 GitHub repositories since…
On Thanksgiving eve, a sophisticated threat actor known as Storm-0900 launched a high-volume phishing campaign targeting users across the United States. Microsoft Threat Intelligence security…
Microsoft has silently patched a Windows shortcut vulnerability that threat actors have been exploiting since 2017 to hide malicious commands from users inspecting file properties.…
CISA has added two critical Android Framework vulnerabilities to its Known Exploited Vulnerabilities catalog, signaling active exploitation in the wild. The vulnerabilities affect the Android…
MuddyWater, an Iran-aligned cyberespionage group also known as Mango Sandstorm, has launched a new, highly targeted campaign against critical infrastructure in Israel and Egypt. Active…
Microsoft has officially confirmed a critical issue affecting enterprise and managed environments running Windows 11 versions 24H2 and 25H2. The bug, first triggered by cumulative…
A new and dangerous phishing campaign is targeting organizations with a deceptive “Executive Award” theme that combines social engineering with advanced malware delivery. This two-stage…
A critical security flaw in the popular “King Addons for Elementor” WordPress plugin has left thousands of websites at risk of complete takeover, security researchers…
A critical Stored XSS vulnerability in Angular’s template compiler (CVE-2025-66412) allows attackers to execute arbitrary code by weaponizing SVG animation attributes. Bypassing Angular’s built-in security…
Two sophisticated Linux rootkits are posing increasingly serious threats to network security by exploiting eBPF technology to hide their presence from traditional detection systems. BPFDoor…
