A sophisticated Android malware campaign named NexusRoute is actively targeting Indian citizens by impersonating government services. The operation uses fake versions of the official mParivahan…
A severe security vulnerability has been discovered in Plesk for Linux that could allow users to gain root access on affected servers. The flaw, tracked…
A novel social engineering campaign, dubbed ClickFix, has been identified, which cleverly employs an old Windows command-line tool, finger.exe, to install malware on victims’ systems.…
Storm-0249, once known primarily as a mass phishing group, has undergone a significant transformation into a sophisticated initial access broker specializing in precision attacks. This…
Shannon is a fully autonomous AI pentesting tool for web applications that identifies attack vectors via code analysis and validates them with live browser exploits.…
Microsoft’s December 2025 security updates have unleashed an unexpected headache for enterprise admins relying on Message Queuing (MSMQ). Installed via KB5071546 on December 9, the…
Gentlemen ransomware, first identified in August 2025, has rapidly evolved into a significant threat targeting corporate networks globally. Operating on a double extortion model, this…
A critical security issue involving the Windows Remote Access Connection Manager (RasMan) that allows local attackers to execute arbitrary code with System privileges. While investigating CVE-2025-59230,…
A critical vulnerability affecting Sierra Wireless routers has been added to its Known Exploited Vulnerabilities (KEV) catalog. This decision comes after evidence emerged that the…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA), in coordination with the National Security Agency (NSA), has issued new guidance urging enterprises to verify and…
A critical alert regarding an active zero-day vulnerability affecting the Microsoft Windows Cloud Files Mini Filter Driver. The vulnerability poses a significant risk to organizations…
Google Threat Intelligence Group (GTIG) has issued a warning regarding the widespread exploitation of a critical security flaw in React Server Components. Known as React2Shell (CVE-2025-55182),…
