A sophisticated SEO poisoning campaign has been quietly targeting Windows users since at least October 2025, luring them into downloading trojanized installers for more than…
Every April, millions of Americans rush to file taxes before the deadline — and attackers count on it. A large-scale malvertising campaign, active since at…
A newly discovered Android remote access trojan known as Oblivion RAT has emerged on cybercrime networks as a complete malware-as-a-service (MaaS) platform, turning fake Google…
A new wave of supply chain attacks is hitting the npm ecosystem through a self-propagating malware campaign known as CanisterWorm. The threat, linked to a…
A threat actor has allegedly exfiltrated approximately 100 GB of personally identifiable information (PII) from Crunchyroll, the Sony-owned anime streaming giant, after gaining access through…
The notorious hacking collective LAPSUS$ has resurfaced, allegedly claiming responsibility for a significant data breach involving the multinational pharmaceutical and biotechnology company AstraZeneca. The threat…
The fraud rarely announces itself. It begins with a friendly message on social media, a wrong-number text that turns into a conversation, or a romantic…
A new Android banking trojan named Perseus has emerged in the wild, representing the next step in the ongoing evolution of mobile malware. Built on…
A newly identified variant of the VoidStealer infostealer has drawn serious attention from the security community after it became the first malware known to bypass…
Oracle has issued an out-of-band Security Alert addressing a critical remote code execution (RCE) vulnerability, CVE-2026-21992, affecting two widely deployed Fusion Middleware components, Oracle Identity…
Google has released a substantial security update for its Chrome web browser, addressing 26 distinct vulnerabilities that could allow unauthenticated attackers to execute malicious code…
Malicious Script Injection in Trivy Compromise A sophisticated supply chain attack targeting the official Trivy GitHub Action (aquasecurity/trivy-action) has compromised continuous integration and continuous deployment…
