A critical zero-day vulnerability in Cloudflare’s Web Application Firewall (WAF) allowed attackers to bypass security controls and directly access protected origin servers. Security researchers from…
A sophisticated malvertising campaign tracked as TamperedChef has compromised over 100 organizations across 19 countries by distributing weaponized PDF editing software through Google Ads. Sophos…
A critical privilege escalation vulnerability discovered in the Advanced Custom Fields: Extended WordPress plugin threatens over 100,000 active installations. The vulnerability, identified as CVE-2025-14533 with…
On January 13, 2026, Check Point Research published its analysis of VoidLink, a Chinese-developed Linux malware framework designed to target cloud environments. Following this disclosure,…
TP-Link has disclosed a high-severity authentication bypass vulnerability affecting its VIGI security camera lineup, allowing attackers on local networks to reset administrator passwords without verification. The flaw lies in…
A newly discovered information-stealing malware, SolyxImmortal, has emerged as a persistent surveillance threat targeting Windows users. Distributed through underground Telegram channels, this Python-based implant combines…
CloudSEK’s STRIKE team has uncovered a sophisticated cryptocurrency theft operation orchestrated by the threat actor “RedLineCyber,” who deliberately impersonates the notorious RedLine Solutions to establish…
Google’s Fast Pair technology has revolutionised Bluetooth connectivity, enabling seamless one-tap pairing across supported accessories and account synchronisation for millions of users. However, a critical vulnerability discovered…
A harmless-looking Google Calendar invite has revealed a new frontier in the exploitation of artificial intelligence (AI). Security researchers at Miggo discovered a vulnerability in Google…
AVEVA has disclosed seven critical and high-severity vulnerabilities in its Process Optimization software (formerly ROMeo) that could enable attackers to execute remote code with SYSTEM…
Genians Security Center has published an in-depth analysis of Operation Poseidon, a sophisticated APT campaign attributed to the Konni threat group that exploits legitimate advertising…
An unnamed organization recently discovered that several employees’ paychecks had silently vanished not because of a ransomware attack, data-wiping malware, or a cloud breach, but…
