CloudSEK’s STRIKE team has uncovered a sophisticated cryptocurrency theft operation orchestrated by the threat actor “RedLineCyber,” who deliberately impersonates the notorious RedLine Solutions to establish…
Google’s Fast Pair technology has revolutionised Bluetooth connectivity, enabling seamless one-tap pairing across supported accessories and account synchronisation for millions of users. However, a critical vulnerability discovered…
A harmless-looking Google Calendar invite has revealed a new frontier in the exploitation of artificial intelligence (AI). Security researchers at Miggo discovered a vulnerability in Google…
AVEVA has disclosed seven critical and high-severity vulnerabilities in its Process Optimization software (formerly ROMeo) that could enable attackers to execute remote code with SYSTEM…
Genians Security Center has published an in-depth analysis of Operation Poseidon, a sophisticated APT campaign attributed to the Konni threat group that exploits legitimate advertising…
An unnamed organization recently discovered that several employees’ paychecks had silently vanished not because of a ransomware attack, data-wiping malware, or a cloud breach, but…
Windows Subsystem for Linux (WSL) has transformed the developer experience on Windows. However, it has also quietly created a powerful hiding place for attackers. With…
As part of an ongoing effort to highlight active and technically interesting intrusions, a new “Flash Hunting Findings” investigation has uncovered a short but well‑structured…
A severe vulnerability in Windows Server Message Block (SMB) client authentication has emerged as a critical threat to Active Directory environments. CVE-2025-33073, a logical flaw in NTLM…
The Canadian Investment Regulatory Organization (CIRO) has officially confirmed a significant data breach affecting approximately 750,000 Canadian investors, stemming from a sophisticated phishing attack initially…
Pulsar RAT, an advanced evolution of the open-source Quasar RAT, is actively targeting Windows systems with enhanced stealth capabilities and fileless execution techniques. This modular…
A newly analyzed campaign dubbed “Evelyn Stealer” is turning the Visual Studio Code (VSC) extension ecosystem into an attack delivery platform, enabling threat actors to…
