Ukrainian and German law enforcement have disrupted a Russian‑affiliated hacker group that has been carrying out high‑impact ransomware attacks against organizations worldwide, causing losses estimated…
Five coordinated malicious Chrome extensions have emerged as a sophisticated threat to enterprise security, targeting widely-used human resources and financial platforms used by thousands of…
Cybercriminals have distributed 17 malicious browser extensions across Chrome, Firefox, and Edge platforms, collectively downloading over 840,000 times and compromising user security for years. The…
PDFSIDER is a newly exposed backdoor that gives attackers long term control of Windows systems while slipping past many antivirus and endpoint detection and response…
Cybersecurity researchers have discovered a sophisticated malware campaign using an unusual but effective tactic: deliberately crashing users’ browsers. The threat, named CrashFix, operates through a…
A recent investigation into a deceptive push-notification network shows how a simple DNS mistake can open a window into criminal infrastructure. The campaign abused browser…
A critical vulnerability in Windows SMB client authentication that enables attackers to compromise Active Directory environments through NTLM reflection exploitation. Classified as an improper access…
Security researchers have uncovered significant vulnerabilities in the firmware of Xiaomi’s popular Redmi Buds series, specifically affecting models ranging from the Redmi Buds 3 Pro…
A critical vulnerability in ServiceNow’s Virtual Agent API and the Now Assist AI Agents application has been discovered, allowing unauthenticated attackers to impersonate any user…
Microsoft has released an out-of-band emergency update to resolve a critical issue affecting Remote Desktop connections on Windows client devices. The problem emerged immediately following…
Google-owned Mandiant has publicly released a comprehensive dataset of Net-NTLMv1 rainbow tables, marking a significant escalation in demonstrating the security risks of legacy authentication protocols.…
Let’s Encrypt, a key provider of free TLS certificates, has rolled out short-lived and IP address-based certificates for general use. These new options became available…
