Google has released an urgent security update for its Chrome desktop browser to address 21 vulnerabilities, including a critical zero-day flaw that is actively being…
Hackers are abusing the Ethereum blockchain to hide and control a new Node.js backdoor called EtherRAT, using a stealthy technique known as EtherHiding to make…
A critical security flaw in the nginx-ui backup restore mechanism, tracked as CVE-2026-33026, allows attackers to manipulate encrypted backups and execute arbitrary commands. Proof-of-Concept (PoC)…
Artificial intelligence agents are transforming enterprise workflows, but they also introduce dangerous new attack vectors. Security researchers from Palo Alto Networks’ Unit 42 recently uncovered…
The Dutch Ministry of Finance is actively managing a significant cybersecurity incident after discovering unauthorized access to its internal Information and Communication Technology (ICT) systems.…
A severe supply chain attack has compromised the widely used Axios HTTP client on the npm registry. Attackers injected a malicious dependency into specific Axios…
Hackers are increasingly turning legitimate Windows administration tools into stealthy weapons to disable antivirus and EDR before launching ransomware, making attacks faster, quieter, and harder…
EvilTokens is a new Phishing-as-a-Service (PhaaS) platform that industrialises Microsoft account takeover by abusing the OAuth device code flow rather than traditional credential phishing. The…
A newly emerging malware known as GhostSocks is quietly reshaping how attackers evade detection by converting compromised systems into residential proxy nodes. Modern cyberattacks rely…
A recent investigation as exposed how a suspected North Korean IT worker allegedly used a stolen identity, AI-generated resume content, and scripted interview answers to…
A fully operational TheGentlemen ransomware toolkit on an exposed server, revealing victim credentials, ngrok tokens, and a complete pre-encryption playbook. This led them to an…
Russian hackers are using a new remote access toolkit called “CTRL” to silently hijack Remote Desktop Protocol (RDP) sessions via FRP-based reverse tunnels, enabling stealthy,…
