A recent investigation has uncovered alarming security vulnerabilities in Android-powered digital photo frames, turning what should be a simple home or office gadget into a…
A critical unauthenticated SQL injection vulnerability has been discovered in Zoho Analytics Plus on-premise, posing a severe risk to organizations running affected versions. Tracked as…
The Washington Post disclosed a significant data breach affecting more than 9,700 employees and contractors following an external system compromise targeting its Oracle E-Suite infrastructure.…
A critical Remote Code Execution vulnerability has been patched in Imunify360 AV, a security product protecting approximately 56 million websites worldwide. Hosting companies must apply…
Following the doxxing of Lumma Stealer’s alleged core members last month, the notorious infostealer initially experienced a significant decline in activity as customers migrated to…
A newly updated cybersecurity advisory from federal agencies reveals that the Akira ransomware operation has significantly escalated its campaign, compromising organizations worldwide and accumulating massive…
Payment processor Checkout.com recently experienced a data breach after being targeted by the cybercrime group “ShinyHunters.” The attackers accessed old data stored in a third-party…
Palo Alto Networks has disclosed a denial-of-service vulnerability in its PAN-OS software that allows attackers to force firewalls into unexpected reboots using specially crafted network…
Security researchers have successfully extracted the system prompt from OpenAI’s Sora 2 video generation model by exploiting cross-modal vulnerabilities, with audio transcription proving to be…
Security researcher Paul McCarty has uncovered a massive coordinated spam campaign targeting the npm ecosystem. The IndonesianFoods worm, comprising over 43,000 malicious packages published across…
On Friday, November 7th, Veracode Threat Research discovered a dangerous typosquatting campaign targeting developers using GitHub Actions. The malicious npm package “@acitons/artifact” had accumulated over…
A sophisticated campaign attributed to North Korean-aligned threat actors is weaponizing legitimate JSON storage services as an effective vector for deploying advanced malware to software…
