Microsoft announced that it will enforce mandatory multi-factor authentication (MFA) for all sign-in attempts to the Azure portal and other administrative interfaces. The new requirement, which builds…
A sophisticated new keylogger malware dubbed “TinkyWinkey” that is targeting Windows systems with advanced stealth capabilities and comprehensive data exfiltration features. First observed in late…
A newly disclosed critical vulnerability in the Next.js framework, tracked as CVE-2025-29927, allows unauthenticated attackers to bypass middleware-based authorization checks by exploiting improper handling of…
A sophisticated malvertising campaign has emerged that specifically targets hoteliers and vacation rental operators by impersonating well-known service providers. Okta Threat Intelligence reports that attackers…
A critical client-side remote code execution (RCE) vulnerability in Google Web Designer exposed Windows users to full system compromise, according to a detailed write-up by…
Criminal IP, the AI-powered threat intelligence and attack surface management (ASM) platform developed by AI SPERA, announced its official entry into the European market through…
In a significant security move, Microsoft announced on August 26, 2025, that it will require mandatory multifactor authentication (MFA) for all accounts signing in to…
A startling vulnerability in Pudu Robotics’ management APIs that allowed anyone with minimal technical skill to seize control of the company’s food delivery and service…
A high-severity vulnerability in SUSE’s Fleet, a GitOps management tool for Kubernetes clusters, has been disclosed by security researcher samjustus via GitHub Security Advisory GHSA-6h9x-9j5v-7w9h.…
In recent months, Trustwave SpiderLabs—a LevelBlue company renowned for its threat intelligence and incident response services—has observed a marked uptick in phishing campaigns that leverage…
MediaTek today published its September 2025 Product Security Bulletin, disclosing and remediating a series of critical and moderate vulnerabilities in its modem and system components.…
An Android malware tracker named SikkahBot, active since July 2024 and explicitly targeting students in Bangladesh. Disguised as applications from the Bangladesh Education Board, SikkahBot…
