A critical security vulnerability has been discovered in the popular Axios HTTP client library that allows attackers to crash Node.js applications through malicious data URL…
Backdoor malware is a covert type of malicious software designed to bypass standard authentication mechanisms and provide persistent, unauthorized access to compromised systems. Unlike conventional…
Cloud block storage allows organisations to run applications that depend on high throughput and low latency in the cloud. The latest block storage offerings make…
UK train operator LNER (London North Eastern Railway) discloses a data breach Pierluigi Paganini September 12, 2025 LNER warns of a data breach via a…
Samsung has patched a remote code execution vulnerability that was exploited in zero-day attacks targeting its Android devices. Tracked as CVE-2025-21043, this critical security flaw…
A new, sophisticated malware campaign has been uncovered that leverages Microsoft’s Azure Functions for its command-and-control (C2) infrastructure, a novel technique that complicates detection and…
Recent threat campaigns have revealed an evolving use of BAT-based loaders to deliver Remote Access Trojans (RATs), including XWorm and Remcos. These campaigns typically begin…
The security landscape for cloud-native applications is undergoing a profound transformation. Containers, Kubernetes, and serverless technologies are now the default for modern enterprises, accelerating delivery…
Fujitsu’s Horizon system continues to produce erratic figures in branch accounts, which the Post Office can’t explain, with millions of pounds being written off. As…
Apple issues spyware warnings as CERT-FR confirms attacks Pierluigi Paganini September 12, 2025 Apple warned users of a spyware campaign; France’s cyber agency confirmed targeted…
Microsoft has addressed four elevation of privilege vulnerabilities in its Windows Defender Firewall service, all rated as “Important” in severity. The security flaws were detailed…
In a striking evolution of its tactics, the Sidewinder advanced persistent threat (APT) group—also known as APT-C-24 or “Rattlesnake”—has adopted a novel delivery mechanism leveraging…
