A sophisticated and expansive Magecart campaign has been uncovered, marking a dangerous evolution in client-side attacks. Security researchers have identified a global operation utilizing over…
Over 74,000 MongoDB database servers remain vulnerable to a critical security flaw after proof-of-concept exploit code for the MongoBleed vulnerability became publicly available. The Shadowserver…
The popular text editor EmEditor fell victim to a sophisticated supply chain attack between December 19-22, 2025, in which attackers compromised the official website to…
“Threat actors are becoming more advanced, sophisticated, and are constantly changing their tactics.” This mantra has dominated cybersecurity discourse as organizations grapple with escalating breach…
OpenAI has deployed a significant security update to ChatGPT Atlas, its browser-based AI agent, implementing advanced defenses against prompt injection attacks. The update introduces an…
Security researchers from the Whitehat School recently completed an intensive bug-hunting project focused on identifying privilege escalation (LPE) flaws in Windows systems. The findings reveal…
Security researchers have uncovered a sophisticated Spanish-language phishing kit targeting Microsoft Outlook users, revealing what appears to be a coordinated credential-theft operation with potential AI-assisted…
Ubisoft faced a coordinated security crisis today as hackers exploited the critical MongoBleed vulnerability (CVE-2025-14847) to infiltrate Rainbow Six Siege servers, causing widespread account tampering…
Threat intelligence researchers at CloudSEK have uncovered a sophisticated phishing campaign targeting Indian entities using Income Tax-themed lures, attributed to the Chinese-aligned Silver Fox APT…
Security researchers have disclosed critical vulnerabilities in Airoha-based Bluetooth headphones that enable attackers to compromise connected smartphones through chained exploits. The three vulnerabilities CVE-2025-20700, CVE-2025-20701,…
A severe unauthenticated remote code execution vulnerability has been discovered in XSpeeder networking devices, potentially affecting more than 70,000 publicly accessible hosts worldwide. Tracked as…
Security researchers have uncovered a massive coordinated exploitation campaign where threat actors launched over 2.5 million malicious requests against vulnerable systems during the Christmas 2025…
