A critical Remote Code Execution vulnerability has been patched in Imunify360 AV, a security product protecting approximately 56 million websites worldwide. Hosting companies must apply…
Following the doxxing of Lumma Stealer’s alleged core members last month, the notorious infostealer initially experienced a significant decline in activity as customers migrated to…
A newly updated cybersecurity advisory from federal agencies reveals that the Akira ransomware operation has significantly escalated its campaign, compromising organizations worldwide and accumulating massive…
Payment processor Checkout.com recently experienced a data breach after being targeted by the cybercrime group “ShinyHunters.” The attackers accessed old data stored in a third-party…
Palo Alto Networks has disclosed a denial-of-service vulnerability in its PAN-OS software that allows attackers to force firewalls into unexpected reboots using specially crafted network…
Security researchers have successfully extracted the system prompt from OpenAI’s Sora 2 video generation model by exploiting cross-modal vulnerabilities, with audio transcription proving to be…
Security researcher Paul McCarty has uncovered a massive coordinated spam campaign targeting the npm ecosystem. The IndonesianFoods worm, comprising over 43,000 malicious packages published across…
On Friday, November 7th, Veracode Threat Research discovered a dangerous typosquatting campaign targeting developers using GitHub Actions. The malicious npm package “@acitons/artifact” had accumulated over…
A sophisticated campaign attributed to North Korean-aligned threat actors is weaponizing legitimate JSON storage services as an effective vector for deploying advanced malware to software…
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about the active exploitation of a new zero-day vulnerability in Microsoft Windows. This…
Cybersecurity researchers at AhnLab Security Intelligence Center (ASEC) have uncovered a sophisticated attack campaign leveraging legitimate Remote Monitoring and Management (RMM) tools to deploy backdoor…
GitLab has released critical security patches addressing nine vulnerabilities across Community Edition (CE) and Enterprise Edition (EE), including a concerning prompt injection flaw in GitLab Duo that…
