A critical memory corruption vulnerability, tracked as CVE-2025-5688, has been disclosed in FreeRTOS-Plus-TCP, Amazon’s open-source TCP/IP stack widely used in embedded and IoT devices. The…
A critical security flaw has been uncovered in numerous popular Chrome extensions, affecting millions of users worldwide by exposing sensitive credentials such as API keys,…
Cisco Talos has uncovered a sophisticated and destructive cyberattack targeting a critical infrastructure entity in Ukraine, deploying a previously unknown wiper malware dubbed “PathWiper.” This…
The widespread text-sharing website Paste.ee has been used as a weapon by bad actors to spread powerful malware strains like XWorm and AsyncRAT, which is…
A critical memory leak vulnerability in Apache Tomcat’s HTTP/2 implementation (CVE-2025-31650) has been weaponized, enabling unauthenticated denial-of-service attacks through malformed priority headers. The flaw affects…
China has accused Taiwan’s Democratic Progressive Party (DPP) authorities of orchestrating a series of sophisticated cyber attacks through Advanced Persistent Threat (APT) groups. Referred to…
A new wave of cyber threats has emerged with the discovery of updated variants of Chaos RAT, a notorious open-source remote administration tool (RAT) first…
ESET researchers have uncovered the persistent activities of BladedFeline, an Iranian-aligned Advanced Persistent Threat (APT) group, which has maintained covert access to the networks of…
The cybersecurity landscape witnessed the emergence of new PowerShell-based malware samples circulating in underground forums and threat-hunting communities, marking a significant evolution of the notorious…
In the wake of the COVID-19 pandemic, collaborative tools like Microsoft Teams, Zoom, and WebEx have become indispensable for remote work, enabling seamless communication with…
A newly identified malicious plugin, dubbed “wp-runtime-cache,” has been discovered targeting WordPress sites with a sophisticated method to steal admin credentials. Disguised as a caching…
A critical security vulnerability, tracked as CVE-2025-5601, was disclosed on June 4, 2025, affecting Wireshark versions 4.4.0 to 4.4.6 and 4.2.0 to 4.2.12. This flaw,…
