South Korean authorities have successfully extradited a key suspect in a large-scale hacking operation that resulted in the embezzlement of over 38 billion won (approximately…
Path traversal flaws like Zip Slip, which give hackers the ability to alter file systems while decompressing, remain a serious danger in the ever-changing world…
Cybersecurity researchers at Huntress identified a novel ransomware variant dubbed Cephalus, deployed in two separate incidents targeting organizations lacking robust access controls. This emerging threat,…
A newly documented cache deception attack leverages mismatches in path normalization and delimiter handling between caching layers and origin servers to expose sensitive endpoints and…
The Underground ransomware gang has been coordinating recurring attacks on enterprises throughout the globe in a worrying increase in cyber risks. They have demonstrated sophisticated…
Nagios has addressed a significant cross-site scripting (XSS) vulnerability in its enterprise monitoring platform Nagios XI that could allow remote attackers to execute arbitrary JavaScript…
NVIDIA released a security bulletin for NVIDIA® NeMo Curator addressing a high-severity vulnerability (CVE-2025-23307) that affects all prior versions of the Curator software. The flaw,…
The threat actor known as TAG-144, also referred to as Blind Eagle or APT-C-36, has been linked to five distinct activity clusters operating from May…
Threat actors are leveraging the trusted brand of Indonesia’s state pension fund, PT Dana Tabungan dan Asuransi Pegawai Negeri (Persero), or TASPEN, to deploy a…
Spotify this week unveiled a new Direct Messaging feature, enabling users to share songs, podcasts and audiobooks within the app. While the move promises streamlined recommendations and…
The Cybersecurity and Infrastructure Security Agency (CISA) released three Industrial Control Systems (ICS) advisories on August 26, 2025, detailing nine critical vulnerabilities in INVT VT-Designer…
A large-scale cybercrime conspiracy known as ShadowCaptcha was made public by cybersecurity researchers at Israel’s National Digital Agency. This campaign exploits the ClickFix technique, deploying…
