The cybersecurity landscape faced a critical threat in early October 2025 with the public disclosure of RediShell, a severe use-after-free vulnerability in Redis’s Lua scripting…
Security researcher Jofpin has disclosed “Brash,” a critical flaw in Google’s Blink rendering engine that enables attackers to crash Chromium-based browsers almost instantly. Affecting billions…
In a timely response to escalating threats against email infrastructure, the Cybersecurity and Infrastructure Security Agency (CISA), alongside the National Security Agency (NSA), Australian Cyber…
A sophisticated malware campaign has emerged targeting WordPress e-commerce sites, particularly those leveraging the WooCommerce plugin to process customer transactions. The threat, discovered in August…
A recent discovery has shaken the Visual Studio Code (VSCode) ecosystem, unveiling a sophisticated supply chain attack targeting developers worldwide. At least a dozen malicious…
The Jenkins project released Security Advisory 2025-10-29 on October 28, 2025, disclosing multiple vulnerabilities across 13 plugins that power the popular open-source automation server. These…
Microsoft has patched a critical race condition vulnerability in its Windows Cloud Files Minifilter driver, known as CVE-2025-55680, which enables local attackers to escalate privileges…
A sophisticated privilege escalation vulnerability in Windows SMB servers, leveraging Ghost Service Principal Names (SPNs) and Kerberos authentication reflection to achieve remote SYSTEM-level access. Microsoft…
A sophisticated malware campaign targeting developers has been operating since August 2025, deploying 126 malicious npm packages that have collectively accumulated over 86,000 downloads. The…
A sophisticated botnet campaign has compromised more than 25,000 IoT devices across 40 countries while establishing 140 command-and-control servers to facilitate cybercrime operations. The PolarEdge…
Global advertising and marketing giant Dentsu has confirmed that its U.S.-based subsidiary Merkle experienced a cyberattack, prompting immediate incident response measures and system shutdowns to…
Canadian authorities have issued an urgent alert following multiple confirmed incidents where cybercriminals compromised internet-accessible Industrial Control Systems (ICS) devices protecting critical infrastructure across the…
