A sophisticated phishing campaign distributing a fileless variant of Remcos RAT, a commercial remote access tool offering extensive capabilities, including system resource management, remote surveillance,…
A sophisticated PURELOGS infostealer campaign that weaponizes PNG image files to evade detection.The attack begins with a phishing email disguised as a pharmaceutical invoice containing…
A new Magecart-style campaign is actively targeting e-commerce websites by injecting malicious JavaScript that intercepts and exfiltrates payment card data during checkout. The malicious script…
A critical authentication bypass vulnerability in GNU InetUtils’ telnetd server allows remote attackers to gain root access without credentials by exploiting improper parameter sanitization. GNU…
A critical authentication bypass vulnerability in GNU InetUtils’ telnetd server allows remote attackers to gain root access without credentials by exploiting improper parameter sanitization. GNU…
A critical command injection vulnerability in Zoom Node Multimedia Routers (MMRs) has been disclosed, potentially allowing meeting participants to execute arbitrary code on vulnerable systems.…
ErrTraffic is a Traffic Distribution System (TDS) designed to power ClickFix social engineering attacks. Unlike traditional fake update prompts, ErrTraffic deliberately breaks website visuals creating garbled text,…
A sophisticated Linux malware framework developed almost entirely through artificial intelligence, marking the beginning of a new era in AI-powered threats. Unlike previous AI-generated malware…
A sophisticated campaign has weaponized over 2,500 variants of a legitimate security driver to disable endpoint protection before deploying ransomware and remote access trojans. Attackers…
NVIDIA has released an urgent security update addressing a critical vulnerability in NSIGHT Graphics for Linux systems. The vulnerability, tracked as CVE-2025-33206, allows attackers to…
GitLab has released critical security patches addressing multiple vulnerabilities affecting both Community Edition (CE) and Enterprise Edition (EE). Versions 18.8.2, 18.7.2, and 18.6.4 are now…
A sophisticated phishing campaign exploiting LinkedIn private messages has been identified, delivering remote access trojans (RATs) through a combination of DLL sideloading techniques and weaponized…
