A sophisticated new attack technique compromises Fast IDentity Online (FIDO) key authentication by exploiting cross-device sign-in features. The PoisonSeed attack group has developed a method…
A critical container escape vulnerability has emerged in the NVIDIA Container Toolkit, threatening the security foundation of AI infrastructure worldwide. Dubbed “NVIDIAScape” and tracked as…
A critical memory corruption vulnerability in the popular file archiver 7-Zip has been discovered that allows attackers to trigger denial of service conditions by crafting…
Two significant Grafana vulnerabilities that could allow attackers to redirect users to malicious websites and execute arbitrary JavaScript code. The vulnerabilities, identified as CVE-2025-6023 and…
A sophisticated cyberattack campaign targeting Microsoft SharePoint servers has been discovered exploiting a newly weaponized vulnerability chain dubbed “ToolShell,” enabling attackers to gain complete remote…
A sophisticated phishing campaign targeting Turkish defense and aerospace enterprises has emerged, delivering a highly evasive variant of the Snake Keylogger malware through fraudulent emails…
A sophisticated Chinese threat actor campaign has emerged as one of the most persistent malware distribution operations targeting Chinese-speaking communities worldwide. Since June 2023, this…
A sophisticated phishing campaign targeting organizations has emerged, exploiting the trusted reputation of Veeam Software through weaponized WAV audio files delivered via email. The attack…
A critical zero-day flaw in the CrushFTP managed file-transfer platform was confirmed after vendor and threat-intelligence sources confirmed active exploitation beginning on 18 July 2025…
A sophisticated phishing campaign dubbed “Scanception” has emerged as a significant threat to enterprise security, leveraging QR codes embedded in PDF attachments to bypass traditional…
The cybersecurity landscape continues to face significant threats from sophisticated information stealers, with Lumma emerging as one of the most prevalent and dangerous malware families…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Fortinet FortiWeb vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, confirming active exploitation…
