Arsink is a cloud-native Android Remote Access Trojan (RAT) that steals sensitive data and grants attackers deep control over infected devices. In several builds, larger…
Microsoft has released KB5074105, a critical preview update for Windows 11 versions 25H2 and 24H2 (OS Builds 26200.7705 and 26100.7705), introducing enhanced security mechanisms to…
A sophisticated fileless Linux malware framework, ShadowHS, that represents a significant evolution in post-exploitation tooling. Unlike traditional malware binaries, ShadowHS operates entirely in memory and…
Notepad++ fell victim to a sophisticated supply chain attack orchestrated by state-sponsored threat actors who compromised its update infrastructure over a six-month campaign. Security experts…
A sophisticated JScript-based command-and-control framework, PeckBirdy, since 2023, exploiting living-off-the-land binaries (LOLBins) to deliver modular backdoors across diverse execution environments. The framework has been observed…
A widespread ransomware campaign targeting misconfigured MongoDB databases continues to compromise thousands of servers worldwide, with attackers exploiting internet-exposed instances that lack basic authentication controls.…
A significant Metasploit Framework update (version 6.4.111) featuring seven new exploit modules that target critical vulnerabilities across widely deployed enterprise systems. This release demonstrates the…
A vulnerability affecting the Mitsubishi Electric Iconics Suite, a widely deployed supervisory control and data acquisition (SCADA) system used across industrial sectors, including automotive, energy,…
A stealthy data theft technique in Microsoft 365 that abuses Outlook add-ins to exfiltrate email content without leaving meaningful forensic traces. The technique, dubbed “Exfil…
Ivanti has disclosed two critical vulnerabilities affecting Endpoint Manager Mobile (EPMM) that could allow attackers to achieve unauthenticated remote code execution. The flaws, tracked as…
The Wireshark Foundation released Wireshark version 4.6.3 on January 14, 2026, addressing four critical security vulnerabilities and multiple stability issues affecting the popular network protocol…
NVIDIA has released critical security updates for its GPU Display Drivers after discovering multiple high-severity vulnerabilities that could allow attackers to execute malicious code and…
