Cybersecurity researchers have uncovered a sophisticated Linux malware campaign exploiting the critical React2Shell vulnerability (CVE-2025-55182) to deploy multiple post-exploitation payloads. A newly identified backdoor dubbed…
During a recent incident response engagement, FortiGuard IR services responded to a sophisticated ransomware attack in which threat actors deployed advanced anti-forensic techniques to eliminate…
Microsoft has officially addressed a new security vulnerability affecting the Windows Defender Firewall Service that could allow threat actors to access sensitive information on compromised…
Microsoft has published comprehensive guidance addressing the Shai-Hulud 2.0 supply chain attack, one of the most significant cloud-native ecosystem compromises observed in recent months. The…
A critical vulnerability in Google Gemini Enterprise and Vertex AI Search, dubbed GeminiJack, that allows attackers to exfiltrate sensitive corporate data without any user interaction or…
The cybersecurity landscape has reached a troubling inflection point. On December 5, 2025, Huntress identified a sophisticated campaign deploying the Atomic macOS Stealer (AMOS) through…
Parrot Security OS has unveiled its highly anticipated 7.0 beta release, marking a significant milestone with the integration of Debian 13 and a complete desktop…
The indie gaming community faces a new and sophisticated threat. Malicious actors are exploiting itch.io and Patreon to distribute the Lumma Stealer malware disguised as…
DomainTools Investigations has released critical findings detailing the expansion of a massive malware-delivery network targeting Chinese-speaking users worldwide. The long-running cluster, active since June 2023,…
A critical stored cross-site scripting (XSS) vulnerability in Ivanti Endpoint Manager (EPM) enables unauthenticated attackers to hijack administrator sessions by injecting malicious JavaScript into the…
Microsoft Copilot, the AI tool many businesses use daily, is facing significant problems today. Users in the United Kingdom and parts of Europe are reporting…
Between February 2024 and August 2025, security researchers uncovered a significant campaign orchestrated by the GOLD BLADE threat group, previously known as RedCurl, RedWolf, and…
