A dangerous phishing campaign is targeting cryptocurrency holders through video calls that use artificial intelligence to create fake versions of trusted contacts. The attack spreads…
Multiple critical security vulnerabilities have recently been disclosed in React Server Components, enabling threat actors to launch Denial-of-Service (DoS) attacks against vulnerable servers. The flaws,…
Advanced persistent threat actors operating from Pakistan have launched coordinated attacks against Indian government organizations using newly discovered tools and malware designed to bypass security…
A serious security vulnerability in Western Digital’s WD Discovery desktop application has been disclosed, potentially allowing attackers to execute arbitrary code on Windows systems. The…
The Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC-UK) have jointly released comprehensive guidance on Secure Connectivity Principles…
Node.js version 25.5.0 was released on January 26, 2026, introducing significant developer-focused enhancements and security updates. The release prioritizes simplified application packaging through a new…
Caminho Loader is a new Loader-as-a-Service threat that blends steganography, fileless execution, and cloud abuse to quietly deliver malware across several regions. First seen in…
A critical vulnerability has been identified in the PyPI-distributed version of PLY (Python Lex-Yacc) 3.11, allowing arbitrary code execution through unsafe deserialization of untrusted pickle…
Since 2023, a dangerous malware framework called PeckBirdy has emerged as a primary weapon used by Chinese-aligned hacking groups. This JavaScript-based tool serves as a…
Cybercriminals are increasingly distributing malicious Remote Monitoring and Management (RMM) tools through fake websites that mimic popular software download pages. These deceptive sites impersonate legitimate…
Microsoft released emergency out-of-band security updates on January 26, 2026, to address CVE-2026-21509, a zero-day security feature bypass vulnerability in Microsoft Office that attackers are…
A new class-action lawsuit accuses Meta Platforms of misleading billions of WhatsApp users by claiming their messages are protected by unbreakable end-to-end encryption. Filed in…
