Early this month, cybersecurity researchers uncovered a novel phishing campaign attributed to the Lazarus Group that targets developers and crypto professionals through a cleverly crafted…
In recent weeks, security teams have observed a sophisticated new strain of malware—dubbed GONEPOSTAL—that subverts Microsoft Outlook to relay command and control (C2) instructions. Emerging…
Security researchers have observed a sophisticated campaign in recent weeks targeting critical infrastructure and government entities across South Asia. Dubbed the DarkSamural operation, this attack…
The North Korea-backed APT group Kimsuky has escalated its cyber operations by weaponizing GitHub repositories for malware delivery and data exfiltration, marking a sophisticated evolution…
GitLab has released urgent security patches for its Community (CE) and Enterprise (EE) editions, addressing multiple vulnerabilities, including two high-severity flaws that could lead to…
A security vulnerability has been found in the Google Drive Desktop application for Windows. It allows a logged-in user on a shared machine to access…
Microsoft has issued an updated warning for a critical security vulnerability in Active Directory Domain Services, tracked as CVE-2025-21293. This flaw could permit an attacker…
Microsoft is set to enhance the Windows user experience by integrating new AI-powered capabilities directly into File Explorer. This upcoming feature, named “AI actions in…
HackerOne has confirmed it was among the companies affected by a recent data breach that provided unauthorized access to its Salesforce instance. The access was…
Microsoft has released patches for two significant vulnerabilities in Microsoft Office that could allow attackers to execute malicious code on affected systems. The flaws, tracked…
Sophos has resolved an authentication bypass vulnerability in its AP6 Series Wireless Access Points that could allow attackers to gain administrator-level privileges. The company discovered…
A critical vulnerability CVE-2025-42922 has been discovered in SAP NetWeaver that allows an authenticated, low-privileged attacker to execute arbitrary code and achieve a full system…
