A sophisticated new phishing campaign has been discovered that exploits Microsoft 365’s legitimate infrastructure to conduct highly convincing credential harvesting...
Read more →
Google’s parent company, Alphabet Inc., is reportedly in advanced negotiations to acquire cybersecurity startup Wiz for approximately $30 billion. If...
Read more →
Attackers are actively exploiting a Server-Side Request Forgery (SSRF) vulnerability in OpenAI’s ChatGPT infrastructure. The vulnerability, identified as CVE-2024-27564, has become...
Read more →
A sophisticated cyberattack technique known as Browser-in-the-Middle (BitM) has emerged, enabling hackers to bypass multi-factor authentication (MFA) and steal user...
Read more →
Cobalt Strike has released version 4.11 with significant improvements to its evasion capabilities, making the popular red team tool more...
Read more →
Cryptocurrency exchange OKX has temporarily suspended its decentralized exchange (DEX) aggregator service following allegations that North Korea’s state-sponsored Lazarus Group...
Read more →
Security researchers have publicly released a proof-of-concept (PoC) exploit for CVE-2024-36904, a critical use-after-free vulnerability in the Linux kernel that...
Read more →
The FBI has issued an urgent warning about the rising threat of malicious file conversion tools that are being used...
Read more →
In a massive security breach discovered this week, approximately 23,000 GitHub repositories have been compromised in what security experts are...
Read more →
Security researchers have confirmed that a critical remote code execution (RCE) vulnerability in Apache Tomcat, tracked as CVE-2025-24813, is being...
Read more →
Google has officially launched OSV-Scanner V2.0.0, a major upgrade to its open-source vulnerability scanning tool. Released on March 17, 2025,...
Read more →
Security researchers have uncovered several critical vulnerabilities in Espressif Systems’ ESP-IDF framework that could allow attackers to execute arbitrary code...
Read more →