Google Project Zero has announced a significant shift in its vulnerability disclosure practices, implementing a new trial policy that will publicly announce security vulnerabilities within…
A critical security vulnerability has been identified in OAuth2-Proxy, a widely-used reverse proxy that provides authentication services for Google, Azure, OpenID Connect, and numerous other…
A financially motivated threat group known as UNC2891 orchestrated a sophisticated attack on banking infrastructure by physically installing a 4G-equipped Raspberry Pi device directly into…
A sophisticated cyberattack exploiting a zero-day vulnerability in Microsoft SharePoint servers has compromised over 400 entities globally, with significant impact across African nations including South…
The Bangalore-based software engineer Rahul Agarwal, employee of prominent crypto exchange CoinDCX, was arrested in connection with a massive $44 million (approximately Rs 379 crore)…
The maritime industry, which facilitates approximately 90% of global trade, has emerged as a critical battleground for advanced persistent threat (APT) groups deploying sophisticated ransomware…
A significant zero-day vulnerability in CrushFTP has been disclosed, allowing unauthenticated attackers to achieve complete remote code execution on vulnerable servers. The flaw, tracked as…
Cybersecurity researchers have successfully developed and released a free decryption tool for the FunkSec ransomware, a malicious strain that leveraged artificial intelligence capabilities to enhance…
A sophisticated new Linux variant of Gunra ransomware has emerged, marking a significant escalation in the threat group’s cross-platform capabilities since its initial discovery in…
Cybercriminals have once again demonstrated their evolving sophistication by weaponizing an obscure Toshiba laptop driver to bypass endpoint detection and response systems. The Qilin ransomware…
A critical vulnerability affecting popular AI tools, including ChatGPT, Google Gemini, and other generative AI platforms, exposes them to a novel attack vector dubbed “Man-in-the-Prompt.” …
A sophisticated new malware campaign targeting cryptocurrency application users has emerged, leveraging compiled JavaScript files and Node.js to steal digital wallets and credentials with unprecedented…
