A new Magecart-style campaign has emerged, targeting online shoppers through malicious JavaScript code designed to steal payment information directly from ecommerce websites. The attack works…
A new social engineering technique called GlitchFix has emerged, powered by ErrTraffic—a specialized traffic distribution system designed to trick website visitors into downloading malware through…
An urgent security update addressing a critical vulnerability in NSIGHT Graphics for Linux that could allow attackers to execute arbitrary code on affected systems. The…
A critical command injection vulnerability in Node Multimedia Routers (MMRs) could allow meeting participants to execute arbitrary code on affected systems. The vulnerability, tracked as…
Three zero-day vulnerabilities in mcp-server-git, the reference implementation of Git integration for the Model Context Protocol (MCP). The flaws stem from insufficient input validation and…
A sophisticated phishing campaign is actively exploiting LinkedIn’s trusted social media platform to distribute a dangerous remote access trojan to corporate employees. Attackers are leveraging…
Threat actors are leveraging a dangerous new campaign that weaponizes ordinary-looking shipping documents to distribute Remcos, a powerful remote access trojan. This phishing scheme uses…
Microsoft is rolling out a new security feature called the External Domains Anomalies Report for Teams, designed to help IT administrators identify and respond to…
Threat actors linked to North Korea have continued to expand their attack capabilities by weaponizing Microsoft Visual Studio Code, one of the world’s most popular…
A critical remote authentication bypass vulnerability has been disclosed in GNU InetUtils affecting the telnetd server component. The flaw, reported by a security researcher on…
A new Stable-channel release of Chrome version 144 addresses a high-severity vulnerability in the V8 JavaScript engine. The update, version 144.0.7559.96/.97 for Windows and Mac…
A critical architectural flaw in Microsoft Azure’s Private Endpoint implementation that enables denial-of-service (DoS) attacks against production Azure resources. The vulnerability affects over 5% of…
